Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

PBLang Bulletin Board Multiple HTML Injection and XSS

Medium

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote host is running PBLang, a bulletin board system written in PHP. This version of PBLang is vulnerable to a remote Cross-Site Scripting (XSS) flaw. In addition, this version of PBLang is vulnerable to an HTML injection flaw within the pmpshow.php script. An attacker exploiting these flaws would be need to be able to convince a user to click on a malicious URL. Upon successful exploitation, the attacker would be able to steal credentials or execute code within the browser. A third flaw, which does not require user interaction, has been discovered with this version of PBLang. Specifically, files outside of the web root may be displayed to remote users. This sort of attack is known as a 'directory-traversal' attack, and would allow an attacker to craft a remote query such that the returned data would contain potentially confidential data (/etc/passwd file, HTTPD configuration files, and more.)

Solution

Upgrade or patch according to vendor recommendations.