Multiple input validation vulnerabilities in PhotoPost Pro

vendor:

PhotoPost Pro

by:

SecurityFocus

7.5

CVSS

HIGH

Cross-site scripting and SQL injection

89, 89, 89, 89

CWE

Product Name: PhotoPost Pro

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2005

Multiple input validation vulnerabilities in PhotoPost Pro

Multiple input validation vulnerabilities reportedly affect PhotoPost Pro. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical actions. The first set of issues are cross-site scripting vulnerabilities that affect the 'slideshow.php', 'showgallery.php', and 'showmembers.php' scripts. These issues arise as the application fails to properly sanitize input passed through the offending functions before including it in dynamically generated Web content. The second set of issues are SQL injection vulnerabilities that affect the 'showmembers.php' and 'showphoto.php' scripts. The application includes the value of the offending parameters without sanitization, allowing an attacker to inject SQL syntax and manipulate SQL queries.

Mitigation:

Input validation should be performed to ensure that untrusted data is not used to manipulate SQL queries.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/12920/info
   
Multiple input validation vulnerabilities reportedly affect PhotoPost Pro. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical actions.
   
The first set of issues are cross-site scripting vulnerabilities that affect the 'slideshow.php', 'showgallery.php', and 'showmembers.php' scripts. These issues arise as the application fails to properly sanitize input passed through the offending functions before including it in dynamically generated Web content.
   
The second set of issues are SQL injection vulnerabilities that affect the 'showmembers.php' and 'showphoto.php' scripts. The application includes the value of the offending parameters without sanitization, allowing an attacker to inject SQL syntax and manipulate SQL queries.
   
An attacker may leverage these issues to carry out cross-site scripting and SQL injection attacks against the affected application. This may result in the theft of authentication credentials, destruction or disclosure of sensitive data, and potentially other attacks.

http://www.example.com/photos/showmembers.php?sl='SQL_INJECTION