| VID |
21550 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The PostNuke software contains multiple input validation vulnerabilities. PostNuke, developed by Francisco Burzi, is a freely available, open source PHP-based content management system (CMS). PostNuke versions 0.760-RC3 and earlier do not properly validate several request parameters, which remote attackers can exploit to conduct cross-site scripting and SQL injection attacks.
1) Input passed to the 'op' parameter of the 'user.php' script and the 'module' parameter of the 'admin.php' script is not properly sanitized before being returned to users. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of a vulnerable site.
2) Input passed to the 'sid' parameter of the 'modules.php' script is not properly sanitized before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
* Platforms Affected: Francisco Burzi, PostNuke versions 0.760 RC3 and earlier; any operating system, any version |
| Recommendation |
No upgrade or patch available as of April 2005.
Upgrade to a new version of PostNuke (0.760 RC4 or later) when a version that fixes this problem becomes available from the PostNuke Web site at http://www.postnuke.com/index.php?module=Navigation |
| Related URL |
CVE-2005-1048,CVE-2005-1049,CVE-2005-1050 (CVE) |
| Related URL |
13075,13076,13077 (SecurityFocus) |
| Related URL |
20018,20019 (ISS) |
|