Wednesday, July 3, 2013

HTB23158: Kasseler CMS multiple vulnerabilities

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Kasseler CMS version 2 r1223, which can be exploited to perform SQL injection, Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) attacks and compromise the vulnerable application.

SQL Injection:
Exists due to insufficient validation of the "groups" HTTP POST parameter passed to the "admin.php" script. A remote authenticated administrator can execute arbitrary SQL commands in the application's database.

Stored Cross-Site Scripting (XSS):
Exists due to insufficient filtering of the "cat" HTTP POST parameter passed to the "admin.php" script. A remote attacker with privileges to create categories can permanently inject arbitrary HTML and script code into the application's database; the injected code is then executed in the browser of every website visitor.

Cross-Site Request Forgery (CSRF):
Exists due to the absence of CSRF protection mechanisms in the entire application. A remote attacker can trick a logged-in administrator into visiting a specially crafted webpage containing CSRF exploit code. This enables the attacker to execute arbitrary SQL queries in the application's database and gain complete control over the application.

Upgrade to Kasseler CMS 2 r1232 to stay secure from these issues.
