Reportico Admin Credential Leak

28 Jun 2014 00:00:00 | Reported by ms | Type: packetstorm | Source: packetstormsecurity.com

Reportico software admin credentials leak. A vulnerability in versions prior to 4.0 allows access to admin information.

Related

| Reporter | Title | Published | Family |
|---|---|---|---|
| Tenable Nessus | Reportico < 4.0 Information Disclosure Vulnerability | 10 Jul 2014 00:00 | nessus |
| CVE | CVE-2014-3777 | 16 Jul 2014 14:00 | cve |
| Cvelist | CVE-2014-3777 | 16 Jul 2014 14:00 | cvelist |
| EUVD | EUVD-2014-3716 | 7 Oct 2025 00:30 | euvd |
| NVD | CVE-2014-3777 | 16 Jul 2014 14:19 | nvd |
| Prion | Directory traversal | 16 Jul 2014 14:19 | prion |
| Veracode | Directory Traversal | 30 Jul 2017 22:56 | veracode |
```
SECV-05-1402 - Reportico software admin credentials leak

Product description:

Reportico is a comprehensive Open Source web reporting tool written
purely in PHP. Reportico provides a web-based front end screen for
designing and viewing reports stored in XML format. Reportico supports
flexible criteria selection and reports may be presented in HTML, PDF,
CSV, XML and JSON formats. Groups, graphs, expressions and drilldowns
are also easily incorporated and reports may be embedded into existing
web pages with a few lines of PHP.

CVE-ID: CVE-2014-3777

Affected versions: All versions prior to 4.0 including plugins
Vendor url: http://www.reportico.org
Vulnerability status: Fixed
Advisory url: http://www.secveritas.com/secv-05-1402.html

Vulnerability details:

By loading the admin template an attacker could access all information
for a report, including the database credentials and admin password for
the report.
This was possible due to the lack of a proper check of the URL parameter
xmlin. By changing the parameter in the HTTP request to
xmlin=../admin/configureproject.xml an attacker would obtain project
administration.

Timeline:

13th May 14 - First contact with reportico.org developer
15th May 14 - Vulnerability reported with evidence, a full problem
description and a fix proposal
18th May 14 - Correction of the problem following proposal from SECVeritas
20th May 14 - New version made available for re-testing
21st May 14 - New version tested; some suggestions made for improvement
1st Jun 14 - Final version created by developer, waiting for release
28th Jun 14 - Public disclosure of the vulnerability.

Credits:
ms - secveritas.com
2014
```
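
A log check for the xmlin traversal described in the advisory, as an added example that is not part of the original advisory or of Reportico's code: it scans web access log lines for xmlin values that leave the project directory, decoding repeatedly so encoded forms are caught too. The log lines, the addresses and the /reportico/run.php path are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request line of a combined-format access log entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample entries; the /reportico/run.php path is an assumption.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jul/2014:10:00:01 +0000] "GET /reportico/run.php?xmlin=sales.xml HTTP/1.1" 200 5120',
    '198.51.100.7 - - [01/Jul/2014:10:02:13 +0000] "GET /reportico/run.php?xmlin=../admin/configureproject.xml HTTP/1.1" 200 8841',
    '198.51.100.7 - - [01/Jul/2014:10:02:40 +0000] "GET /reportico/run.php?xmlin=%252e%252e%252fadmin%252fconfigureproject.xml HTTP/1.1" 200 8841',
    '203.0.113.5 - - [01/Jul/2014:10:05:02 +0000] "GET /reportico/run.php?xmlin=..%5Cadmin%5Cconfigureproject.xml HTTP/1.1" 404 312',
]

def fully_decode(value, max_rounds=5):
    """Percent-decode until stable so multiply encoded input is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify_xmlin(value):
    """Return why an xmlin value is suspicious, or None for a plain file name."""
    path = fully_decode(value).replace("\\", "/")  # treat both separators alike
    if ".." in path.split("/"):
        return "traversal"
    if path.startswith("/"):
        return "absolute-path"
    return None

def scan(lines):
    """Return (line number, decoded xmlin value, reason) for each flagged request."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        query = urlsplit(match.group(1)).query
        # parse_qs already decodes once; classify_xmlin decodes the rest.
        for value in parse_qs(query, keep_blank_values=True).get("xmlin", []):
            reason = classify_xmlin(value)
            if reason:
                hits.append((number, fully_decode(value), reason))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Access logs only record the query string, so an xmlin value sent in a POST body is not visible to this check. A 200 response with an unusual size on a flagged line is the entry to look at first.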
