holisticinfosec.org - HIO-2008-0523 Sava CMS SQLi & XSS

Home
Blog
ISSA JRN's toolsmith
Best Practices
Links
Research
How To
Standards
Publications & Events
Simplicity
Philosophy
GNU GPL
In The News
F-Secure World Map
News
Security News Feeds
Open SRC Definition
Contact
Search

"If it's a good idea, go ahead and do it. It is much easier to ask forgiveness than it is to get permission. - Rear Admiral Dr. Grace Hopper"

RSS

HIO-2008-0523 Sava CMS SQLi & XSS

Sava CMS , prior to version 5.0.122, contains flaws that allow remote cross site scripting and SQL injection attacks.
The XSS flaw exists because the application does not validate the "keywords" variable upon submission to the index.cfm script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
The SQL injection issue exists because the index.cfm script is not properly sanitizing user-supplied input to the "LinkServID" variable. This may allow an attacker to inject or manipulate SQL queries in the backend database.

References:

BID: 29346

OSVDB: 45616 & 45615

SA: 30367

SWID: 1021273

Vendor Solution: Upgrade to version 5.0.122

< Prev		Next >

[ Back ]