| VID |
21565 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The phpCOIN software is vulnerable to multiple input validation vulnerabilities. phpCOIN is a free software package originally designed for web-hosting resellers to handle clients, orders, invoices, notes and helpdesk. phpCOIN version 1.2.1b and earlier versions are vulnerable to multiple input validation vulnerabilities as follows:
1) A Local File Include Vulnerability: An attacker can execute arbitrary code in the context of the web server user by passing the name of a script or file through the 'page' parameter of the 'auxpage.php' script.
2) Multiple cross-site scripting vulnerabilities: User-supplied input passed to the 'helpdesk' and 'mail' modules as well as the 'login.php' script isn't properly sanitized before being returned to users. These could be exploited to execute arbitrary HTML and script code in a user's browser session in context of a vulnerable site.
3) Multiple SQL injection vulnerabilities: By calling the 'faq' module with a specially crafted 'faq_id' parameter or the 'pages' or 'site' modules with a specially crafted 'id' parameter, a remote attacker can execute arbitrary SQL queries on the underlying database.
* References:
http://secunia.com/advisories/14439/
http://lostmon.blogspot.com/2005/03/phpcoin-posible-sql-injection-comands.html
http://archives.neohapsis.com/archives/bugtraq/2005-03/0508.html
http://www.securitytracker.com/alerts/2005/Mar/1013592.html
* Platforms Affected:
phpCOIN versions 1.2.1b and earlier
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of phpCOIN (1.2.2 or later) available from the phpCOIN Web site at http://www.phpcoin.com/index.php |
| Related URL |
CVE-2005-0669,CVE-2005-0670,CVE-2005-0932,CVE-2005-0933,CVE-2005-0946,CVE-2005-0947 (CVE) |
| Related URL |
12686,12917 (SecurityFocus) |
| Related URL |
19571,19572,19896 (ISS) |
|
