| VID |
21541 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The Mambo Open Source is vulnerable to cross-site scripting and file upload vulnerabilities. Mambo Open Source (formerly Mambo Site Server) is an Internet portal and content management software. Mambo Site Server versions 4.0.12 BETA and earlier are vulnerable to two vulnerabilities:
1) User-supplied Input passed to the sectionswindow.php, gallery.php, navigation.php, uploadimage.php, view.php, upload.php, mambosimple.php, upload.php, emailarticle.php, emailfaq.php and emailnews.php scripts isn't properly sanitized before being returned to users. These could be exploited to execute arbitrary HTML and script code in a user's browser session in context of a vulnerable site.
2) File upload vulnerabilities in the upload.php, administrator/upload.php, and administrator/gallery/uploadimage.php scripts allow a remote attacker to upload arbitrary files to the system. A remote attacker could exploit these vulnerabilities to upload and execute arbitrary PHP script code on the vulnerable system.
* References:
http://archives.neohapsis.com/archives/bugtraq/2003-01/0075.html
* Platforms Affected:
Miro Construct Pty Ltd., Mambo Site Server 4.0.12BETA and earlier
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of Mambo Open Source (4.0.12 BETA2 or later), available from the MamboForge Web site at http://sourceforge.net/projects/mambo/ |
| Related URL |
CVE-2003-1204 (CVE) |
| Related URL |
6571,6572 (SecurityFocus) |
| Related URL |
11050,11051 (ISS) |
|
