
PHP Photo Album < 2.0.14 Multiple Vulnerabilities

High

Synopsis

The remote web server contains a script that is vulnerable to a SQL injection attack.

Description

The remote host is running Photo Album, a phpBB module that lets users share photo albums over the Internet. This version of Photo Album is vulnerable to a SQL injection attack in the 'mode' parameter of the album_search.php script. An attacker exploiting this flaw would send a malformed query to the album_search.php script which, when processed, would give the attacker the ability to read and/or modify data. In addition, the attacker may be able to execute arbitrary code.

Photo Album is also vulnerable to a cross-site scripting (XSS) attack in the 'sid' parameter of the album_cat.php and album_comment.php scripts. An attacker exploiting this flaw would need to convince a user to browse to a malicious URI. Successful exploitation would result in attacker-supplied code running in the victim's browser, possibly resulting in the loss of confidential data (such as cookies).
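Until the upgrade is applied, a web server's access log can be checked for requests that touch the affected scripts and parameters. The following is an added example, not part of this advisory or of the Photo Album module; it assumes Apache common/combined log format, an assumed install path of /album/, and constructed sample log lines.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Scripts and parameters named in the advisory.
WATCHED = {
    "album_search.php": {"mode"},    # SQL injection
    "album_cat.php": {"sid"},        # XSS
    "album_comment.php": {"sid"},    # XSS
}

# Simple heuristics: SQL metacharacters in 'mode', markup in 'sid'.
SQLI_RE = re.compile(r"(['\"]|--|/\*|\bunion\b|\bselect\b)", re.I)
XSS_RE = re.compile(r"[<>]|javascript:", re.I)

# Apache common log format: client IP, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) HTTP/[\d.]+" (\d{3})')

def classify_request(target):
    """Return (script, param, kind) for a suspicious request target, else None."""
    parts = urlsplit(target)
    script = parts.path.rsplit("/", 1)[-1]
    if script not in WATCHED:
        return None
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        if name not in WATCHED[script]:
            continue
        for value in values:
            decoded = unquote_plus(value)  # second pass catches double-encoding
            if name == "mode" and SQLI_RE.search(decoded):
                return (script, name, "sqli")
            if name == "sid" and XSS_RE.search(decoded):
                return (script, name, "xss")
    return None

def scan_log(lines):
    """Return (client_ip, script, param, kind) for each flagged log line."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, target, _status = m.groups()
        verdict = classify_request(target)
        if verdict:
            hits.append((ip,) + verdict)
    return hits

# Constructed sample log lines (the /album/ path is an assumption).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Jan/2006:10:00:00 +0000] "GET /album/album_search.php?mode=search&search_keywords=cat HTTP/1.1" 200 512',
    '10.0.0.9 - - [01/Jan/2006:10:00:01 +0000] "GET /album/album_search.php?mode=search%27 HTTP/1.1" 500 88',
    '10.0.0.9 - - [01/Jan/2006:10:00:02 +0000] "GET /album/album_cat.php?cat_id=3&sid=%3Cscript%3E HTTP/1.1" 200 3000',
    '10.0.0.7 - - [01/Jan/2006:10:00:03 +0000] "GET /album/album_comment.php?pic_id=1&sid=0123abcd HTTP/1.1" 200 900',
]
```

Run `scan_log(SAMPLE_LOG)` to get the two flagged requests; a stray quote in 'mode' paired with a 500 response is the pattern worth alerting on first.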

Solution

Upgrade to version 2.0.14 or higher.