You are here: start » security » glfusion-2009-04-06
Table of Contents

Cross-Site Scripting and SQL Injection Vulnerabilities

Critical: Moderately critical

Impact: Cross Site Scripting

Where: Remote

Solution Status: Vendor Patch

Description

Some vulnerabilities have been reported in glFusion, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

1) Input passed via the “glf_session” cookie is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

2) Certain input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected website.

Note: There is also a problem within the session handling code, which can be used to gain access to the application if a valid password hash is known.

Solution

Update to version 1.1.3. http://www.glfusion.org/article.php/glfusion113

This vulnerability has been fixed in glFusion v1.1.3 and later

Provided and/or discovered by:

Nine:Situations:Group

CVE referencs

CVE-2009-1281
CVE-2009-1282
CVE-2009-1283
security/glfusion-2009-04-06.txt · Last modified: 2010/02/02 02:12 (external edit)
 
Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3