PHP Labs proFile index.php Multiple Variable XSS

2005-04-18T07:39:22
ID OSVDB:15697
Type osvdb
Reporter sNKenjoi(snkenjoi@gmail.com)
Modified 2005-04-18T07:39:22

Description

Vulnerability Description

PHP Labs proFile contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate multiple variables upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Short Description

PHP Labs proFile contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate multiple variables upon submission to the 'index.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Manual Testing Notes

http://[victim]/index.php?act=load&dir=[XSS] http://[victim]/index.php?act=delete&dir=&file=[XSS] http://[victim]/index.php?act=copy&dir=&file=[XSS] http://[victim]/index.php?act=rename&dir=&file=[XSS]

References:

Vendor URL: http://phplabs.com/ Security Tracker: 1013756 Secunia Advisory ID:15027 Other Advisory URL: http://osvdb.org/ref/15/15697-profile-xss.txt Other Advisory URL: http://www.snkenjoi.com/secadv/secadv7.txt ISS X-Force ID: 20169 CVE-2005-1233 Bugtraq ID: 13276 Bugtraq ID: 13282