Computer Security

Security Advisory: FileRun Vuln.
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [Full-disclosure] CMS Made Simple: SQL injection

  Disable website access for sites running Webspeed

  Post Nuke v4bJournal Module Sql Inject

  12All File Upload Vulnerability

From:r0t <krustevs_(at)_googlemail.com>
Date:03.05.2007
Subject:FileRun Vuln.

FileRun Vuln.
###############################################
Vuln. discovered by : r0t
Date: 2 May  2007
vendor:http://filerun.dreamhosters.com/
orginal advisory:http://pridels.blogspot.com/2007/05/filerun-vuln.html
affected versions: 1.0 and previous
###############################################

1.
FileRun contains a flaw that allows a remote sql injection
attacks.Input passed to the "fid" parameter isn't properly sanitised
before being used in a SQL query.
This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

2.
FileRun contains a flaw that allows a remote Cross-Site Scripting
attacks.Input passed to the "page","module","section"  isn't properly
sanitised before being returned to the user.
This can be exploited to execute arbitrary HTML and script code in a
user's browser session in context of an affected site.

###############################################
Solution:
Edit the source code to ensure that input is properly sanitised.
###############################################
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod
 


Rating@Mail.ru