Vulners
Lucene search
lightneasy 3.2.2 - Multiple Vulnerabilities
Vulnerability ID: HTB22750
Reference: http://www.htbridge.ch/advisory/sql_injection_in_lightneasy.html
Product: LightNEasy
Vendor: Fernando Baptista ( http://www.lightneasy.org/ )
Vulnerable Version: 3.2.2
Vendor Notification: 15 December 2010
Vulnerability Type: SQL Injection
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: High
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
The vulnerability exists due to failure in the "/LightNEasy.php" script to properly sanitize user-supplied input in "handle" variable.
Attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.
The following PoC is available:
<form action="http://[host]/LightNEasy.php?do=login" method="post" name="main" >
<input type="hidden" name="handle" value='123"SQL_CODE_HERE'/>
<input type="hidden" name="password" value="1"/>
<input type="hidden" name="do" value="login"/>
<input type="submit" value="submit" name="submit" />
</form>
Vulnerability ID: HTB22751
Reference: http://www.htbridge.ch/advisory/information_disclosure_in_lightneasy.html
Product: LightNEasy
Vendor: Fernando Baptista ( http://www.lightneasy.org/ )
Vulnerable Version: 3.2.2
Vendor Notification: 15 December 2010
Vulnerability Type: Information disclosure
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Low
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
The vulnerability exists due to failure in the "/LightNEasy.php" script to properly sanitize user-supplied input in "page" variable, it's possible to generate an sql query error that will reveal the database tables prefix.
The following PoC is available:
http://[host]/LightNEasy.php?page=1\
Vulnerability ID: HTB22753
Reference: http://www.htbridge.ch/advisory/path_disclosure_in_lightneasy.html
Product: LightNEasy
Vendor: Fernando Baptista ( http://www.lightneasy.org/ )
Vulnerable Version: 3.2.2
Vendor Notification: 15 December 2010
Vulnerability Type: Path disclosure
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: Low
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
The vulnerability exists due to failure in the "/addons/contact/main.php", "/addons/downloads/main.php", "/addons/gallery/main.php" scripts, it's possible to generate an error that will reveal the full path of the script.
A remote user can determine the full path to the web root directory and other potentially sensitive information.
The following PoC is available:
http://[host]/addons/contact/main.php
http://[host]/addons/downloads/main.php
http://[host]/addons/gallery/main.php
Vulnerability ID: HTB22754
Reference: http://www.htbridge.ch/advisory/sql_injection_in_lightneasy_1.html
Product: LightNEasy
Vendor: Fernando Baptista ( http://www.lightneasy.org/ )
Vulnerable Version: 3.2.2
Vendor Notification: 15 December 2010
Vulnerability Type: SQL Injection
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: High
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
The vulnerability exists due to failure in the "/LightNEasy.php" script to properly sanitize user-supplied input in "handle" variable from cookies.
Attacker can alter queries to the application SQL database, execute arbitrary queries to the database, compromise the application, access or modify sensitive data, or exploit various vulnerabilities in the underlying SQL database.
The following PoC is available:
GET / HTTP/1.1
Cookie: userhandle=123"SQL_CODE_HERE
Vulnerability ID: HTB22752
Reference: http://www.htbridge.ch/advisory/lfi_in_lightneasy.html
Product: LightNEasy
Vendor: Fernando Baptista ( http://www.lightneasy.org/ )
Vulnerable Version: 3.2.2
Vendor Notification: 15 December 2010
Vulnerability Type: LFI
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: High
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
Vulnerability Details:
The vulnerability exists due to failure in the "/addons/contact/main.php" script to properly sanitize user-supplied input in "set[language]" variable then register_globals is on.
The following PoC is available:
http://[host]/addons/contact/main.php?set[language]=/../../../../../../gpl.txt%00
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
01 Jul 2014 00:00Current
6.7Medium risk
Vulners AI Score6.7