| VID |
21640 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The XOOPS program is vulnerable to multiple vulnerabilities which exist in versions prior to 2.0.12. XOOPS is a dynamic object oriented based open source portal system written in PHP. XOOPS versions prior to 2.0.12 are vulnerable to multiple input validation vulnerabilities, which can be exploited by remote attackers to conduct cross-site scripting and SQL injection attacks.
1) A SQL Injection Vulnerability: Input passed to the "xmlrpc.php" script isn't properly sanitized before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
2) Multiple Cross-Site Scripting Vulnerabilities: Input passed to the "order" and "cid" parameters of the "modules/newbb/edit.php", "modules/repository/comment_edit.php" scripts respectively isn't properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of a vulnerable site.
* References:
http://www.gulftech.org/?node=research&article_id=00086-06292005
* Platforms Affected:
XOOPS versions prior to 2.0.12
Microsoft Windows Any version
Linux Any version
Unix Any version |
| Recommendation |
Upgrade to the latest version of PEAR XML-RPC (1.3.1 or later), available from the PEAR XML_RPC Download Web page at http://pear.php.net/manual/en/introduction.php
-- AND --
Upgrade to the latest version of XOOPS (2.0.12 or later), available from the XOOPS Download Web site at http://www.xoops.org/modules/core/ |
| Related URL |
CVE-2005-1921 (CVE) |
| Related URL |
14094,14096 (SecurityFocus) |
| Related URL |
21194 (ISS) |
|
