Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

eduTrac 1.1.1-Stable Path Traversal Vulnerability

🗓️ 04 Jan 2014 00:00:00Reported by High-Tech BridgeType 
zdt
 zdt🔗 0day.today👁 42 Views

eduTrac 1.1.1-Stable Path Traversal Vulnerability, Risk Level: Medium, CVE-2013-709

Related
Code
ReporterTitlePublishedViews
Family
Circl		CVE-2013-7097
11 Dec 201300:00
circl
CVE		CVE-2013-7097
8 Jan 201415:00
cve
Cvelist		CVE-2013-7097
8 Jan 201415:00
cvelist
EUVD		EUVD-2013-6883
8 Jan 201415:00
euvd
htbridge		Path Traversal in eduTrac
11 Dec 201300:00
htbridge
NVD		CVE-2013-7097
8 Jan 201415:29
nvd
OpenVAS		7Media Web Solutions EduTrac < 1.1.2 Directory Traversal Vulnerability
22 Jan 201400:00
openvas
Packet Storm		eduTrac 1.1.1-Stable Path Traversal
3 Jan 201400:00
packetstorm
Prion		Directory traversal
8 Jan 201415:29
prion
securityvulns		Path Traversal in eduTrac
9 Jan 201400:00
securityvulns
Rows per page
Product: eduTrac
Vendor: 7 Media Web Solutions, LLC.
Vulnerable Version(s): 1.1.1-Stable and probably prior
Tested Version: 1.1.1-Stable
Advisory Publication:  December 11, 2013  [without technical details]
Vendor Notification: December 11, 2013 
Vendor Patch: December 16, 2013 
Public Disclosure: January 2, 2014 
Vulnerability Type: Path Traversal [CWE-22]
CVE Reference: CVE-2013-7097
Risk Level: Medium 
CVSSv2 Base Score: 5 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab ( https://www.htbridge.com/advisory/ ) 

-----------------------------------------------------------------------------------------------

Advisory Details:

High-Tech Bridge Security Research Lab discovered path traversal vulnerability in eduTrac which can be exploited to read arbitrary files on vulnerable system with privileges of web server.


1) Path Traversal in eduTrac: CVE-2013-7097

The vulnerability exists due to insufficient filtration of "showmask" HTTP GET parameter passed to "/installer/overview.php" script before using it in PHP "file_get_contents()" function. A remote attacker can read contents of arbitrary files on the target system.

The exploitation example below reads the "/eduTrac/Config/constants.php" file that contains database login credentials:

http://[host]/installer/overview.php?step=writeconfig&showmask=../../eduTrac/Config/constants.php


-----------------------------------------------------------------------------------------------

Solution:

Update eduTrac to version 1.1.2.

More Information:
http://sourceforge.net/projects/edutrac/files/

#  0day.today [2018-02-06]  #

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
04 Jan 2014 00:00Current
6.5Medium risk
Vulners AI Score6.5
EPSS0.14658
edutracpath traversalvulnerabilityhigh-tech bridge securitycve-2013-7097medium riskupdate 1.1.2
42