Basic search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:24180
HistoryJul 07, 2010 - 12:00 a.m.

Zoph Multiple Parameter Cross Site Scripting Vulnerabilities

2010-07-0700:00:00
vulners.com
24

Zoph Multiple Parameter Cross Site Scripting Vulnerabilities

I. BACKGROUND

"Zoph (Zoph Organizes Photos) is a web based digital image presentation
and management system. In other words, a photo album. It is built with
PHP, MySQL and Perl."

II. VULNERABILITIES

VUPEN Web Vulnerability Research Team discovered multiple vulnerabilities in
Zoph.

These issues are caused by input validation errors in various scripts when
processing the "user_name", "title", "called", "email", "dob",
"middle_name",
"last_name", "first_name", "subject", "message", "photographer_id",
"person_id", "_random", "_rating-op", "rating", "timestamp" and
"_timestamp-op" parameters, which could be exploited to cause arbitrary
scripting code to be executed by the user's browser in the security
context of an affected Web site.

III. AFFECTED PRODUCTS

Zoph versions prior to 0.8.0.3
Zoph versions prior to 0.8.1.1

IV. SOLUTION

Upgrade to Zoph version 0.8.0.3 or 0.8.1.1 :
http://www.zoph.org/concrete/index.php/download/

V. CREDIT

These vulnerabilities were discovered by Mohammed Boumediane (VUPEN
Security)
with help of the VUPEN Web Application Security Scanning (WASS) technology:

http://www.vupen.com/english/services/wass-index.php

VI. VUPEN Web Application Security Scanner (WASS)

VUPEN Web Application Security Scanner (WASS) is a SaaS security scanning
technology which enables corporations and organizations to identify, track
and remediate security vulnerabilities affecting their web sites and
web applications, prevent criminals from gaining unauthorized access to
sensitive data, and comply with security requirements such as PCI.

Read More: http://www.vupen.com/english/services/wass-index.php

VII. REFERENCES

http://www.vupen.com/english/advisories/2010/1680
http://www.zoph.org/concrete/index.php/news/security-releases-for-zoph/

VIII. DISCLOSURE TIMELINE

2010-05-05 - Vendor notified
2010-05-30 - Vendor response
2010-07-02 - Coordinated public Disclosure