| VID |
21619 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The e107 Website System is vulnerable to an information disclosure vulnerability in the db.php script. e107 is a freely available, Web content management system written in PHP. e107 version 0.555b and earlier versions could allow a remote attacker to obtain sensitive information. By sending a specially-crafted POST request using 'dump_sql' as the value for the submit variable,
a remote attacker can invoke the dump_sql routine without prior authentication. Information returned to the attacker may include sensitive information such as the MD5 hashes of the passwords of the users of the affected Web site.
* References:
http://www.securityfocus.com/archive/1/330332
http://www.e107.org/comment.php?392
* Platforms Affected:
e107 version 0.555b and earlier versions
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of e107 (0.617 or later), available from the e107 Web page at http://www.e107.org .
As a workaround, if the db.php script is not required, delete it from the /admin directory. |
| Related URL |
(CVE) |
| Related URL |
8273 (SecurityFocus) |
| Related URL |
12739 (ISS) |
|
