| VID |
21741 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
A version of PHP-Fusion which is older than version 6.00.110 is detected as installed on the host. PHP-Fusion is a freely available content management system (CMS) written in PHP which uses MySQL. PHP-Fusion versions 6.00.109 and earlier could allow a remote attacker to execute arbitrary SQL commands, caused by improper filtering of user-supplied input passed to various parameters of the faq.php, register.php script, photogallery.php, and messages.php scripts. If the magic_quotes_gpc option is disabled, these vulnerabilities could permit a remote attacker to pass malicious input to database queries, potentially resulting in data exposure, modification of the query logic, or even data modification or attacks against the database itself.
* Note: This check solely relied on the version number of PHP-Fusion installed on the remote Web server to assess this vulnerability, so this might be a false positive.
* References:
http://securityfocus.org/archive/1/411909
http://archives.neohapsis.com/archives/secunia/2005-q4/0021.html
http://www.gnucitizen.org/writings/php-fusion-messages.php-sql-injection-vulnerability.xhtml
http://secunia.com/secunia_research/2005-52/advisory
* Platforms Affected:
digitanium, PHP-Fusion versions 6.00.109 and earlier
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of PHP-Fusion (6.00.110 or later), available from the PHP-Fusion Web page http://sourceforge.net/projects/php-fusion/ |
| Related URL |
CVE-2005-3157,CVE-2005-3158,CVE-2005-3160,CVE-2005-3161 (CVE) |
| Related URL |
14964,14992,15005,15018 (SecurityFocus) |
| Related URL |
22509,22532 (ISS) |
|
