VID 21595
Severity 30
Port 80, ...
Protocol TCP
Class CGI
Detailed Description According to its version number, the bBlog installation on the remote Web server has multiple input validation vulnerabilities in the 'index.php' script. bBlog is a blog system written in PHP. bBlog versions 0.74 and earlier are affected, and remote attackers can exploit these flaws to conduct cross-site scripting and SQL injection attacks.

1) Multiple Cross-Site Scripting Vulnerabilities: Input passed to the blog entry title field and the comment body text field in the "index.php" script is not properly sanitized before being returned to users. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of a vulnerable site.
2) SQL Injection Vulnerability: Input passed to the "postid" parameter in "index.php" isn't properly sanitized before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
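
The handling that items 1 and 2 say is missing, shown as an added example that is not bBlog's code: `postid` is accepted only as an integer and bound to a prepared statement, and the title and comment text are HTML-encoded on output. The schema, the function names and the in-memory SQLite database reached through PDO are assumptions, chosen so the snippet runs on its own.

```php
<?php
// Added example: hypothetical schema and function names, not bBlog's code.
// An in-memory SQLite database (PDO) stands in for the blog's real database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE posts (postid INTEGER PRIMARY KEY, title TEXT)');
$db->exec('CREATE TABLE comments (postid INTEGER, body TEXT)');
// Constructed sample rows: markup is stored raw and encoded only on output.
$db->prepare('INSERT INTO posts VALUES (?, ?)')->execute([1, 'Notes <script>alert(1)</script>']);
$db->prepare('INSERT INTO comments VALUES (?, ?)')->execute([1, 'Nice <img src=x onerror=alert(1)>']);

// Encode untrusted text for an HTML body or attribute context.
function h(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Accept postid only when it is a positive integer; anything else becomes null.
function parsePostId($raw): ?int {
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

function renderPost(PDO $db, $rawPostId): string {
    $id = parsePostId($rawPostId);
    if ($id === null) {
        return 'Invalid post id';
    }
    $q = $db->prepare('SELECT title FROM posts WHERE postid = :id');
    $q->bindValue(':id', $id, PDO::PARAM_INT);   // value is bound, never concatenated
    $q->execute();
    $title = $q->fetchColumn();
    if ($title === false) {
        return 'Post not found';
    }
    $html = '<h1>' . h($title) . "</h1>\n";
    $c = $db->prepare('SELECT body FROM comments WHERE postid = :id');
    $c->bindValue(':id', $id, PDO::PARAM_INT);
    $c->execute();
    foreach ($c->fetchAll(PDO::FETCH_COLUMN) as $body) {
        $html .= '<p>' . h($body) . "</p>\n";
    }
    return $html;
}

echo renderPost($db, '1');               // stored markup comes out as inert text
echo renderPost($db, '1 OR 1=1'), "\n";  // constructed non-integer postid is rejected
```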

* Note: This check relies solely on the version number of the bBlog software installed on the remote Web server to assess this vulnerability, so the result might be a false positive.

* References:
http://sourceforge.net/tracker/index.php?func=detail&aid=1188735&group_id=81992&atid=564683
http://www.osvdb.org/displayvuln.php?osvdb_id=15754
http://www.osvdb.org/displayvuln.php?osvdb_id=15755
http://www.osvdb.org/displayvuln.php?osvdb_id=15756
http://securitytracker.com/id?1013811

* Platforms affected:
Eaden McKee, bBlog versions 0.74 and earlier
Any operating system Any version
Recommendation No upgrade or patch available as of May 2005.

Upgrade to the latest version of bBlog (later than 0.74) when a new version that fixes this problem becomes available from the bBlog Web site at http://www.bblog.com/download.php
Related URL CVE-2005-1309 (CVE)
Related URL 13397,13398 (SecurityFocus)
Related URL (ISS)