Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormMsPACKETSTORM:127280
HistoryJun 28, 2014 - 12:00 a.m.

Reportico Admin Credential Leak

2014-06-2800:00:00
ms
packetstormsecurity.com
31

0.003 Low

EPSS

Percentile

71.8%

JSON
`  
-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA1  
  
SECV-05-1402 - Reportico software admin credentials leak  
  
Product description:  
  
Reportico is a comprehensive Open Source web reporting tool written  
purely in PHP. Reportico provides a web-based front end screen for  
designing and viewing reports stored in XML format. Reportico supports  
flexible criteria selection and reports may be presented in HTML, PDF,  
CSV, XML and JSON formats. Groups, graphs, expressions and drilldowns  
are also easily incorporated and reports may be embedded into existing  
web pages with a few lines of PHP.  
  
CVE-ID: CVE-2014-3777  
  
Affected versions: All versions prior to 4.0 including plugins  
Vendor url:http://www.reportico.org  
Vulnerability status: Fixed  
Advisory url: http://www.secveritas.com/secv-05-1402.html  
  
Vulnerability details:  
  
By loading the admin template an attacker could access all information  
for a report including database credentials and admin password for the  
report.  
This could be obtained due lack of proper check of the URL parameter  
xmlin. By changing the parameter in the HTTP request to  
xmlin=../admin/configureproject.xml an attacker would obtain project  
administration.  
  
Timeline:  
  
13th May 14 - First contact with reportico.org developer  
15th May 14 - Vulnerability reported with evidences and full problem  
description and fix proposal  
18th May 14 - Correction of the problem following proposal from SECVeritas  
20th May 14 - New version made available for re-testing  
21st May 14 - New version tested some sugestions made for improvement  
1st Jun 14 - Final version created by developer, waiting for release  
28th Jun 14 - Public disclosure of the vulnerability.  
  
Credits:  
ms - secveritas.com  
2014  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1  
  
iQEcBAEBAgAGBQJTrC/CAAoJEN3eoZ/uAn514A0H/08oAI7WQCZ8x+vVpq3oYPr+  
5+rvSKAhW+GGNnEo7Xe8El4p7J4IxVpncGpCfO8X9NBVMP3rdnweaCrSoylmBoej  
dzhxXAZYPZkekKBSBAqVoTK7RMHj1ptDjG2vt/Z5wQM+ywK9hB03fxQWJ5LwTCZK  
SbBZa6Sa53SIJqhAK5MWa0+zCTaScs39jj2GVhwYkQd7YhsztcGf0bCj1MFByUVA  
/9YKqamBuhymk2JjXl4KPIZX01zFe3/GEcYU6kupuKirgi/kh1CsmDMlfi9+cdrn  
QWv3VW/V3XbpyPuzOt+TCbBo48CnxqcYRB2QhiFI9eyxLJbdFqW2piIhvnNKAJo=  
=+6d1  
-----END PGP SIGNATURE-----  
  
  
  
`

Related

prion 1
cvelist 1
cve 1
veracode 1
nvd 1
prion
prion
Directory traversal
2014-07-16 14:19:00
cvelist
cvelist
CVE-2014-3777
2014-07-16 14:00:00
cve
cve
CVE-2014-3777
2014-07-16 14:19:03
veracode
veracode
Directory Traversal
2017-07-30 22:56:39
nvd
nvd
CVE-2014-3777
2014-07-16 14:19:03

0.003 Low

EPSS

Percentile

71.8%

JSON
Related for PACKETSTORM:127280
prion1cvelist1cve1veracode1nvd1