Pligg CMS version 1.2.1, and probably prior versions, suffers from local file inclusion (LFI) and cross-site scripting (XSS) vulnerabilities:
1. Cross-Site Scripting (XSS): Input passed via an arbitrary (any) GET parameter to "admin/admin_index.php", and via the "karma_username" POST parameter and the "q_1_low", "q_1_high", "q_2_low", "q_2_high" and "edit" GET parameters to "module.php", is not properly sanitised before being returned to the user.
2. Local File Inclusion (LFI): Input passed via the "captcha" GET parameter to the "module.php" script is not properly verified before being used in the "include_once()" PHP function and can be exploited to include arbitrary or previously uploaded local files. Successful exploitation of this vulnerability requires administrative privileges, so the most appropriate vector of exploitation is CSRF.
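The LFI class described in item 2 is closed by never letting a request value reach "include_once()" as a path. The following is an added example, not Pligg's code or the vendor's patch: it maps the "captcha" value through an allowlist and a canonical-path containment check. The directory name, provider names, file layout and the function `resolve_captcha` are hypothetical.

```php
<?php
declare(strict_types=1);

// Added illustration, not Pligg's code. Directory and provider names are hypothetical.
const CAPTCHA_DIR = __DIR__ . '/captchas';
const CAPTCHA_ALLOWED = ['default', 'math', 'image'];

/**
 * Map a request-supplied provider name to a file that is safe to include.
 * Returns null when the name is not allowlisted or resolves outside the base directory.
 */
function resolve_captcha(string $name, string $baseDir = CAPTCHA_DIR, array $allowed = CAPTCHA_ALLOWED): ?string
{
    // 1. Exact allowlist match: "../", absolute paths, NUL bytes and
    //    stream wrappers can never equal one of the known names.
    if (!in_array($name, $allowed, true)) {
        return null;
    }

    // 2. Defence in depth: canonicalise (resolves symlinks and "..") and
    //    confirm the result still lives under the base directory.
    $base = realpath($baseDir);
    $path = realpath($baseDir . '/' . $name . '/main.php');
    if ($base === false || $path === false) {
        return null; // directory or file does not exist
    }
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null; // resolved outside the plugin directory
    }
    return $path;
}

// Unsafe shape reported in the advisory: a path built from $_GET['captcha']
// handed straight to include_once(). Hardened shape:
$requested = isset($_GET['captcha']) && is_string($_GET['captcha']) ? $_GET['captcha'] : '';
$file = resolve_captcha($requested);
if ($file === null) {
    http_response_code(400);
    exit('Unknown captcha provider');
}
include_once $file;
```

Because the advisory identifies CSRF as the delivery vector, the administrative request that selects the provider should also require a per-session anti-CSRF token.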
Vulnerability ID: HTB23089
Vendor Notification / Patch / Public Disclosure Dates: 25 April / 18 May / 23 May
Vulnerability Types: Cross-site scripting (XSS), Local file inclusion (LFI)
Risk level: Medium
Solution Status: Fixed by Vendor, upgrade to Pligg CMS 1.2.2
Read full information, details and Proof of Concept (PoC) for this advisory: High-Tech Bridge Advisory HTB23089: Multiple vulnerabilities in Pligg CMS.