phpCoin.txt

🗓️ 02 Apr 2005 00:00:00 | Reported by James Bercegay | Type: packetstorm | 🔗 packetstormsecurity.com

phpCoin v1.2.1b and earlier web-hosting software is prone to SQL Injection and File Inclusion vulnerabilities.

Code
`##########################################################  
# GulfTech Security Research March 28th, 2005  
##########################################################  
# Vendor : COINSoft Technologies Inc.  
# URL : http://www.phpcoin.com/  
# Version : phpCoin v1.2.1b && Earlier  
# Risk : Multiple Vulnerabilities  
##########################################################  
  
  
  
Description:  
phpCoin is a free software package originally designed for   
web-hosting resellers to handle clients, orders, invoices,   
notes and helpdesk. phpCoin versions 1.2.1b and earlier are  
prone to multiple vulnerabilities such as File Inclusion and   
SQL Injection.  
  
  
  
SQL Injection:  
There are three SQL Injection vulnerabilities in  
phpCoin v1.2.1b and earlier. Two of the issues are not very  
easy to exploit, but one (in the search engine) is very useful.  
The SQL Injection issue in the search engine is pretty
straightforward: the search term/keywords field accepts the query
of your choice once you break out of the single quotes. The other
two SQL Injection issues take place when ordering a product, and
when requesting a forgotten password. When requesting a forgotten
password, neither the username nor the email field is safe from SQL
Injection. Also, when ordering a new package you can put an allowed
domain name such as test.ca followed by SQL, as long as you break
out of the single quotes. It should be noted that these issues
probably will not present themselves if magic_quotes_gpc is on.  
  
  
  
File Include Vulnerability:  
There is a local file include vulnerability in auxpage.php,
reachable through the 'page' parameter:
  
http://phpcoin/auxpage.php?page=../../../some/other/file  
  
Using a request similar to the one above, an attacker could traverse
out of the directory and include arbitrary files to be read or executed.
  
  
  
Solution:  
The guys at phpCoin worked very quickly to get a fix out, and a fix   
has been available for a while now. Upgrade your vulnerable version.  
  
  
  
Related Info:  
The original advisory can be found at the following location  
http://www.gulftech.org/?node=research&article_id=00065-03292005  
  
  
  
Credits:  
James Bercegay of the GulfTech Security Research Team  
  
`
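
A log-side check for the auxpage.php issue described in the advisory, as an added example (not code from GulfTech or phpCoin): it scans access log lines for `page` values that are more than a plain page name. The log lines are constructed samples, the function names are hypothetical, and a common/combined log format is assumed.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote
# Request field of a common/combined-format access log line (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so multiply-encoded input is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_page_value(raw):
    """Return a reason if the value is more than a plain page name, else None."""
    value = fully_decode(raw).replace("\\", "/")
    if value.startswith("/"):
        return "absolute path"
    if ".." in value.split("/"):
        return "directory traversal"
    return None

def scan(lines):
    """Return (line number, reason) for each flagged auxpage.php request."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if not url.path.lower().endswith("/auxpage.php"):
            continue
        # parse_qs decodes once; fully_decode handles any further encoding layers.
        for raw in parse_qs(url.query, keep_blank_values=True).get("page", []):
            reason = suspicious_page_value(raw)
            if reason:
                findings.append((lineno, reason))
    return findings

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [02/Apr/2005:10:00:01 +0000] "GET /auxpage.php?page=about HTTP/1.1" 200 5120',
    '198.51.100.7 - - [02/Apr/2005:10:00:05 +0000] "GET /auxpage.php?page=../../../some/other/file HTTP/1.1" 200 812',
    '198.51.100.7 - - [02/Apr/2005:10:00:09 +0000] "GET /auxpage.php?page=%252e%252e%252fsome%252ffile HTTP/1.1" 200 812',
    '192.0.2.10 - - [02/Apr/2005:10:00:12 +0000] "GET /index.php?page=../x HTTP/1.1" 200 100',
]
if __name__ == "__main__":
    for lineno, reason in scan(SAMPLE_LOG):
        print(f"line {lineno}: {reason}")
```

A hit only shows that the request was made; whether the include succeeded depends on the installed phpCoin version.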
