Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:3819
HistoryNov 28, 2002 - 12:00 a.m.

Cross-site Scripting Vulnerability in ImageFolio Image Gallery Software

2002-11-2800:00:00
vulners.com
11

[Alert URL]

http://www.securitytracker.com/alerts/2002/Nov/1005681.html

[Date]

November 27, 2002

[Title]

Cross-site Scripting Vulnerability in ImageFolio Image Gallery Software

[Vendor]

BizDesign

[Product]

ImageFolio

[URL]

http://www.imagefolio.com/

[Description]

An input validation vulnerability exists in ImageFolio version 3.0.1 and
prior versions. A remote user can conduct cross-site scripting attacks.

The flaw exists in various parameters of the 'nph-build.cgi' admin script
nd the 'imageFolio.cgi' script (and possibly others).

A demonstration exploit is provided:

/cgi-bin/imageFolio.cgi?direct=<script>alert("SecurityHole")</script>

/cgi-bin/if/admin/nph-build.cgi?step=<script>alert("SecurityHole")</script>

This vulnerability can be exploited to steal a user's or administrator's
authentication cookies.

[Vendor Notification]

Jun 9, 2002 - BizDesign (the vendor) was notified and responded that the pending
version 3.0 will contain a fix.
Aug 23, 2002 - Version 3.0 was released without a fix.
Sep 16, 2002 - Version 3.0.1 was released without a fix.
Nov 13, 2002 - Vendor was reminded and responded that the bug will be fixed in
version 3.1, to be released in the beginning of the week of November 18.
Nov 27, 2002 - At the time of this report, the fixed version had not been posted
to the vendor's web site.

[CVE]

CAN-2002-1334

[Credit]

This flaw was discovered by SecurityTracker.com (http://securitytracker.com/&#41;
after investigating a June 9, 2002 post by ET from LoWNOISE to the vuln-dev list:

http://archives.neohapsis.com/archives/vuln-dev/2002-q2/0939.html

For more information, contact SecurityTracker at [email protected]

Related for SECURITYVULNS:DOC:3819