| HIO-2009-0228 LinPHA 1.3.4 CSRF & XSS |
|
|
|
|
LinPHA 1.3.4 and earlier. "an easy to use, multilingual, flexible photo/image archive/album/gallery written in PHP", exhibits cross-site request forgery and cross-site scripting vulnerabilities. CSRF:This vulnerability allows users to perform certain actions via HTTP requests without performing any validation by the admin.php script to verify the requests, including the ability to create or delete accounts by tricking an administrative user into visiting a malicious web site. XSS: Input passed via POST to the "friend_full_name" parameter is not properly sanitised by the admin.php script before being returned to the user. This can be exploited to execute persistent arbitrary HTML and script code in a user's browser session in the context of an affected site. Input passed via GET to the "imgid" parameter is not properly sanitised by the image_resized_view.php script before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. References: CVE-2009-pending BID: 34422 FrSIRT: N/A Nessus:N/A SA: 34130 Related: Vendor Solution: |
| < Prev | Next > |
|---|