Xtreme ASP Photo Gallery

2007.11.08
Credit: posidron
Risk: Medium
Local: No
Remote: Yes
CVE: CVE-2004-2746
CWE: CWE-89


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

Tripbit Security Research tripbit.org Security Advisory Advisory ID: TA-150104 Release Date: January 15th, 2004 Application: Xtreme ASP Photo Gallery 2.0 Severity: Medium/High Impact: Admin access Class: Input Validation Error Vendor: http:// www.pensacolawebdesigns.com/ Overview ------------------------------------------------------------------------ -------------- XTREME ASP Photo Gallery is a photo gallery that allows easy photo management and complete administration via a web based interface. This interface offers many more features than conventional web based photo gallery's do. With XTREME ASP Photo Gallery, you can configure everything including colors, text styles, amount of imaged displayed per page and much more. Details ------------------------------------------------------------------------ -------------- Xtreme ASP Photo Gallery Version 2.0 is prone to a common SQL injection vulnerability. The problem occurs when handling user-supplied username and password data supplied to authentication procedures. http://[host]/photoalbum/admin/adminlogin.asp If we type: Username: 'or' Password: 'or' we gain admin access about the password protected administrative pages. Recommendation ------------------------------------------------------------------------ -------------- No solution for the moment. Vendor Response ------------------------------------------------------------------------ -------------- The vendor has reportedly been notified to this report. Disclaimer ------------------------------------------------------------------------ -------------- The information within this paper may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk. Additional information ------------------------------------------------------------------------ -------------- These vulnerability have been found and researched by: posidron posidron (at) tripbit (dot) org [email concealed] rushjo rushjo (at) tripbit (dot) org [email concealed] You can find the last version of this warning in: http://www.tripbit.org/advisories/TA-150104.txt


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top