BugTraq
Zoph Multiple Parameter Cross Site Scripting Vulnerabilities Jul 02 2010 01:49PM
VUPEN Web Security (advisories vupen com)
Zoph Multiple Parameter Cross Site Scripting Vulnerabilities

I. BACKGROUND
---------------------

"Zoph (Zoph Organizes Photos) is a web based digital image presentation
and management system. In other words, a photo album. It is built with
PHP, MySQL and Perl."

II. VULNERABILITIES
---------------------

VUPEN Web Vulnerability Research Team discovered multiple vulnerabilities in
Zoph.

These issues are caused by input validation errors in various scripts when
processing the "user_name", "title", "called", "email", "dob",
"middle_name",
"last_name", "first_name", "subject", "message", "photographer_id",
"person_id", "_random", "_rating-op", "rating", "timestamp" and
"_timestamp-op" parameters, which could be exploited to cause arbitrary
scripting code to be executed by the user's browser in the security
context of an affected Web site.

III. AFFECTED PRODUCTS
---------------------------

Zoph versions prior to 0.8.0.3
Zoph versions prior to 0.8.1.1

IV. SOLUTION
----------------

Upgrade to Zoph version 0.8.0.3 or 0.8.1.1 :
http://www.zoph.org/concrete/index.php/download/

V. CREDIT
--------------

These vulnerabilities were discovered by Mohammed Boumediane (VUPEN
Security)
with help of the VUPEN Web Application Security Scanning (WASS) technology:

http://www.vupen.com/english/services/wass-index.php

VI. VUPEN Web Application Security Scanner (WASS)
----------------------------------------------------

VUPEN Web Application Security Scanner (WASS) is a SaaS security scanning
technology which enables corporations and organizations to identify, track
and remediate security vulnerabilities affecting their web sites and
web applications, prevent criminals from gaining unauthorized access to
sensitive data, and comply with security requirements such as PCI.

Read More: http://www.vupen.com/english/services/wass-index.php

VII. REFERENCES
----------------------

http://www.vupen.com/english/advisories/2010/1680
http://www.zoph.org/concrete/index.php/news/security-releases-for-zoph/

VIII. DISCLOSURE TIMELINE
-----------------------------

2010-05-05 - Vendor notified
2010-05-30 - Vendor response
2010-07-02 - Coordinated public Disclosure

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus