
GuestBook Script PHP Multiple SQL Injection and Cross Site Scripting Vulnerabilities

http://www.securityfocus.com/bid/54300

Security Info

Bugtraq ID: 54300
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Jul 04 2012 12:00AM
Updated: Jul 04 2012 12:00AM
Credit: snup
Vulnerable:
Not Vulnerable:

Security Discussion

GuestBook Script PHP is prone to multiple SQL-injection vulnerabilities and cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied input.

Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

GuestBook Script PHP 1.5 is vulnerable; other versions may also be affected.

Proof of Concept and Security Exploits

Attackers can use a browser to exploit the SQL-injection issues. An attacker must trick a victim into following a malicious URI to exploit a cross-site scripting issue.

The following example URIs are available:

http://www.example.com/cms/guestbook.php?p=[SQL-INJECTION]
http://www.example.com/cms/guestbook/admin.php?act=comments&orderType=[ASC/DESC]&search=&orderBy=[SQL-INJECTION]
http://www.example.com/cms/guestbook/admin.php?act=comments&orderType=[SQL-INJECTION]
http://www.example.com/cms/guestbook/admin.php?act=comments&orderType=[ASC/DESC]&search=&orderBy=[CROSS SITE SCRIPTING]
http://www.example.com/cms/guestbook/admin.php?act=comments&orderType=[ASC/DESC]&search=[CROSS SITE SCRIPTING]
http://www.example.com/cms/guestbook/admin.php?act=comments&orderType=[CROSS SITE SCRIPTING]

Security Solution(s)

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.
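The three affected parameters (orderBy, orderType, search) fall into two classes: ORDER BY fragments, which cannot be bound as prepared-statement parameters and therefore need an allow-list, and a reflected value that needs output encoding. The following added illustration is not GuestBook Script PHP's own code; the table name, column names and the PDO handle are assumptions.

```php
<?php
// Added example, not the GuestBook Script PHP source. Assumes PHP 7.4+, a PDO
// connection in $pdo, and a hypothetical "comments" table with columns
// id, name, message, created_at.

// Vulnerable pattern: ORDER BY column/direction and the search term are
// concatenated straight into SQL, and the search term is echoed unescaped.
function listCommentsVulnerable(PDO $pdo, array $get): string {
    $sql = "SELECT id, name, message FROM comments"
         . " WHERE message LIKE '%" . $get['search'] . "%'"
         . " ORDER BY " . $get['orderBy'] . " " . $get['orderType'];   // SQL injection
    $html = "<p>Results for " . $get['search'] . "</p><ul>";          // reflected XSS
    foreach ($pdo->query($sql) as $row) {
        $html .= "<li>" . $row['name'] . ": " . $row['message'] . "</li>";
    }
    return $html . "</ul>";
}

// Hardened: orderBy and orderType are mapped through fixed allow-lists (unknown
// values fall back to a default), the search term is bound as a parameter, and
// every value written into HTML is passed through htmlspecialchars().
const ORDER_COLUMNS = ['id' => 'id', 'name' => 'name', 'date' => 'created_at'];
const ORDER_DIRS    = ['ASC' => 'ASC', 'DESC' => 'DESC'];

function listCommentsHardened(PDO $pdo, array $get): string {
    $col    = ORDER_COLUMNS[(string)($get['orderBy'] ?? '')] ?? 'id';
    $dir    = ORDER_DIRS[strtoupper((string)($get['orderType'] ?? ''))] ?? 'DESC';
    $search = (string)($get['search'] ?? '');

    // $col and $dir are now guaranteed to be one of the literals above.
    $stmt = $pdo->prepare(
        "SELECT id, name, message FROM comments WHERE message LIKE :q ORDER BY $col $dir"
    );
    // Escape LIKE metacharacters so a search for "%" or "_" matches literally.
    $like = '%' . addcslashes($search, '%_\\') . '%';
    $stmt->execute([':q' => $like]);

    $esc  = fn(string $s): string => htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    $html = '<p>Results for ' . $esc($search) . '</p><ul>';
    foreach ($stmt as $row) {
        $html .= '<li>' . $esc($row['name']) . ': ' . $esc($row['message']) . '</li>';
    }
    return $html . '</ul>';
}
```

The allow-list is the essential part for the ORDER BY parameters: validating against a fixed map of accepted names is the only reliable way to handle identifiers and keywords that prepared statements cannot parameterize.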

Security Reference(s)

References:


Site Updated May 23, 2013
©2000-2013 Emagined Security
All Rights Reserved