|
|
|
|
| |
| ImageFolio is a platform independent, webserver-based, software product suite that fully automates the process of viewing, publishing, maintaining, distributing, archiving, and marketing your web-based multimedia gallery or store. ImageFolio supports all media types, including images, video, and sound. A vulnerability in the product allows remote attackers to cause it to display third-party content. |
| |
Credit:
The information has been provided by Stuart Moore.
|
| |
Vulnerable systems:
* ImageFolio version 3.0.1
An input validation vulnerability exists in ImageFolio version 3.0.1 and prior versions. A remote user can conduct cross-site scripting attacks.
The flaw exists in various parameters of the 'nph-build.cgi' admin script and the 'imageFolio.cgi' script (and possibly others).
A demonstration exploit is provided:
/cgi-bin/imageFolio.cgi?direct=<script>alert("SecurityHole")</script>
/cgi-bin/if/admin/nph-build.cgi?step=<script>alert("SecurityHole")</script>
This vulnerability can be exploited to steal a user's or administrator's authentication cookies.
Vendor Notification:
Jun 9, 2002 - BizDesign (the vendor) was notified and responded that the pending version 3.0 will contain a fix.
Aug 23, 2002 - Version 3.0 was released without a fix.
Sep 16, 2002 - Version 3.0.1 was released without a fix.
Nov 13, 2002 - Vendor was reminded and responded that the bug will be fixed in version 3.1, to be released in the beginning of the week of November 18.
Nov 27, 2002 - At the time of this report, the fixed version had not been posted to the vendor's web site.
|
|
|
|
|
