eggblog vuln.

Type securityvulns
Reporter Securityvulns
Modified 2005-12-23T00:00:00


eggblog vuln.

Vuln. discovered by : r0t Date: 22 dec. 2005 orginal advisory: vendor: affected version:eggblog v2.0 and prior

Product Description:

eggblog is a small, simple, secure and open source blogging package. Anyone with a php and mysql enabled server can make use of our easy to install package to create their own personal blog.

Vuln. Description:

1. eggblog contains a flaw that allows a remote sql injection attacks.Input passed to the "q" parameter in "/forum/search.php" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code

2. eggblog contains a flaw that allows a remote cross site scripting attack. This flaw exists because input passed to parameters in "home/search.php" and when performing a search isn't properly sanitised before being returned to the user. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Solution: Edit the source code to ensure that input is properly sanitised.