header-logo
Suggest Exploit
vendor:
phpBugTracker
by:
Unknown
7.5
CVSS
HIGH
Input Validation
89
CWE
Product Name: phpBugTracker
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: CVE-2004-0491, CVE-2004-0492, CVE-2004-0493, CVE-2004-0494
CPE: a:phpbugtracker:phpbugtracker
Metasploit: https://www.rapid7.com/db/vulnerabilities/http-apache-mod-proxy-negative-length-bof/https://www.rapid7.com/db/vulnerabilities/apache-httpd-cve-2004-0492/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2004-0492/https://www.rapid7.com/db/vulnerabilities/freebsd-vid-ca6c8f35-0a5f-11d9-ad6f-00061bc2ad93/https://www.rapid7.com/db/vulnerabilities/http-apache-long-header-vuln/https://www.rapid7.com/db/vulnerabilities/apache-httpd-cve-2004-0493/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2004-0493/https://www.rapid7.com/db/vulnerabilities/freebsd-vid-7884d56f-f7a1-11d8-9837-000c41e2cdad/https://www.rapid7.com/db/vulnerabilities/suse-cve-2004-0494/
Other Scripts:
Platforms Tested:
Unknown

phpBugTracker Input Validation Vulnerabilities

Multiple input validation vulnerabilities in phpBugTracker allow remote attackers to execute arbitrary SQL commands via (1) the bugid parameter in bug.php?op=show, (2) the bugid parameter in bug.php?op=vote, (3) the bugid parameter in bug.php?op=viewvotes, or (4) the project parameter in bug.php?op=add, which are not properly sanitized before being used in SQL queries. This can lead to unauthorized access to sensitive information, corruption of database data, and exploitation of underlying database vulnerabilities. Additionally, phpBugTracker is prone to cross-site scripting (XSS) and HTML injection issues, which enable attackers to execute arbitrary script code in the browser of unsuspecting users. This can result in the theft of authentication credentials and other sensitive information.

Mitigation:

To mitigate these vulnerabilities, it is recommended to implement proper input validation and sanitization mechanisms in phpBugTracker. This includes validating and filtering user-supplied input to prevent SQL injection, cross-site scripting, and HTML injection attacks. Additionally, keeping the software up-to-date with the latest patches and security fixes is crucial.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10153/info
  
Reportedly phpBugTracker contains multiple input validation vulnerabilities; it is prone to multiple SQL injection, cross-site scripting and HTML injection issues. These issues are all due to a failure of the application to properly sanitize user supplied input.
  
The SQL injection issues may allow a remote attacker to manipulate query logic, potentially leading to unauthorized access to sensitive information such as the administrator password hash or corruption of database data. SQL injection attacks may also potentially be used to exploit latent vulnerabilities in the underlying database implementation.
  
The cross-site scripting and HTML injection issues may allow an attacker to execute arbitrary script code in the browser of an unsuspecting user. It may be possible to steal the unsuspecting user's cookie-based authentication credentials, as well as other sensitive information. Other attacks may also be possible.

http://www.example.com/bug.php?op=show&bugid=[XSS]
http://www.example.com/bug.php?op=vote&bugid=[XSS]
http://www.example.com/bug.php?op=viewvotes&bugid=[XSS]
http://www.example.com/bug.php?op=add&project=[XSS]

Navigation

Suggest Exploit

Services By CQR