AOH :: HP Unsorted Z :: B1A-1400.HTM

Zoph Multiple Parameter Cross Site Scripting Vulnerabilities



Zoph Multiple Parameter Cross Site Scripting Vulnerabilities
Zoph Multiple Parameter Cross Site Scripting Vulnerabilities



Zoph Multiple Parameter Cross Site Scripting Vulnerabilities


I. BACKGROUND
---------------------

"Zoph (Zoph Organizes Photos) is a web based digital image presentation
and management system. In other words, a photo album. It is built with
PHP, MySQL and Perl."


II. VULNERABILITIES
---------------------

VUPEN Web Vulnerability Research Team discovered multiple vulnerabilities in
Zoph.

These issues are caused by input validation errors in various scripts when
processing the "user_name", "title", "called", "email", "dob", 
"middle_name",
"last_name", "first_name", "subject", "message", "photographer_id",
"person_id", "_random", "_rating-op", "rating", "timestamp" and
"_timestamp-op" parameters, which could be exploited to cause arbitrary
scripting code to be executed by the user's browser in the security
context of an affected Web site.


III. AFFECTED PRODUCTS
---------------------------

Zoph versions prior to 0.8.0.3
Zoph versions prior to 0.8.1.1


IV. SOLUTION
----------------

Upgrade to Zoph version 0.8.0.3 or 0.8.1.1 :
http://www.zoph.org/concrete/index.php/download/ 


V. CREDIT
--------------

These vulnerabilities were discovered by Mohammed Boumediane (VUPEN 
Security)
with help of the VUPEN Web Application Security Scanning (WASS) technology:

http://www.vupen.com/english/services/wass-index.php 


VI. VUPEN Web Application Security Scanner (WASS)
----------------------------------------------------

VUPEN Web Application Security Scanner (WASS) is a SaaS security scanning
technology which enables corporations and organizations to identify, track
and remediate security vulnerabilities affecting their web sites and
web applications, prevent criminals from gaining unauthorized access to
sensitive data, and comply with security requirements such as PCI.

Read More: http://www.vupen.com/english/services/wass-index.php 


VII. REFERENCES
----------------------

http://www.vupen.com/english/advisories/2010/1680 
http://www.zoph.org/concrete/index.php/news/security-releases-for-zoph/ 


VIII. DISCLOSURE TIMELINE
-----------------------------

2010-05-05 - Vendor notified
2010-05-30 - Vendor response
2010-07-02 - Coordinated public Disclosure




The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.