ZenPhoto Cross Site Scripting and SQL Injection Vulnerabilities

Medium Nessus Network Monitor Plugin ID 8019

Synopsis

The remote server is running a version of ZenPhoto Gallery that may be vulnerable to cross-site scripting and SQL injection attacks.

Description

The remote host is running a version of ZenPhoto Gallery that may be vulnerable to cross-site scripting and SQL injection attacks due to insufficient sanitization of user input. Attackers can exploit these issues to execute arbitrary code in the context of the browser, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database; other attacks are also possible.

Solution

The problems were fixed in version 1.4.5.4, but a login issue introduced in that version caused the vendor to release a newer update. Upgrade to version 1.4.5.5 or later.

See Also

http://www.zenphoto.org

http://seclists.org/bugtraq/2013/Oct/20

http://www.zenphoto.org/news/zenphoto-1.4.5.5

Plugin Details

Severity: Medium

ID: 8019

File Name: 8019.prm

Published: 2013/10/08

Modified: 2016/01/30

Dependencies: 1442

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSSv3

Base Score: 6.3

Temporal Score: 6

Vector: CVSS3#AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:zenphoto:zenphoto

Patch Publication Date: 2013/10/03

Vulnerability Publication Date: 2013/10/03

Reference Information

BID: 62815

OSVDB: 98091, 98092