[OPENADS-SA-2007-001] phpAdsNew and phpPgAds 2.0.9-pr1 vulnerability fixed Jan 24 2007 06:03PM
Matteo Beccati (php beccati com)

Openads security advisory OPENADS-SA-2007-001

Advisory ID: OPENADS-SA-2007-001
Date: 2007-Jan-24
Security risk: low risk
Applications affetced: phpAdsNew, phpPgAds
Versions affected: <= phpAdsNew 2.0.9-pr1, phpPgAds 2.0.9-pr1
Versions not affected: >= Openads 2.0.10, Openads for PostgreSQL 2.0.10


Vulnerability: Cross-site scripting

This is the description of the vulnerability recieved by JPCERT:

"We have confirmed that in admin-search.php, scripts included in
'keyword' parameter is shown without proper sanitization thus the
script could be executed.

However a user needs to login the system as administrator, which makes
the exploit technically difficult.

If this vulnerability is exploited, by script execution, a user's
session ID included in HTTP Cookie might be stolen. Also there's a risk
that the contents of phpAdsNew are falsified temporarily."

- JVN#07274813: http://jvn.jp/jp/JVN%2307274813/index.html

- The vulnerability was fixed in Openads and Openads for PostgreSQL
2.0.10 (released on Jan 18th), but we suggest you to upgrade to
Openads or Openads for PostgreSQL 2.0.11 released today.

Contact informations

The security contact for Openads can be reached at:
<security AT openads DOT org>

Best regards
Matteo Beccati

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus