Silent-Storm Portal Multiple Input Validation Vulnerabilities

high Nessus Plugin ID 15403

Synopsis

The remote web server contains a PHP application that is affected by multiple vulnerabilities.

Description

The remote host is running Silent-Storm, web-based forum management software written in PHP.

There are multiple input validation flaws in the remote version of this software:

- There is a cross-site scripting vulnerability involving the 'module' parameter of the 'index.php' script.

- The application fails to sanitize the 'mail' parameter to the 'profile.php' script, which could be abused to inject arbitrary data into the 'users.dat' database file and, for example, gain administrative access to the application.

Solution

Unknown at this time.

See Also

https://seclists.org/bugtraq/2004/Sep/456

Plugin Details

Severity: High

ID: 15403

File Name: silentstorm_xss.nasl

Version: 1.21

Type: remote

Family: CGI abuses

Published: 10/1/2004

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.6

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Vulnerability Publication Date: 9/30/2004

Reference Information

CVE: CVE-2004-1566, CVE-2004-1567

BID: 11284

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990