eFront < 3.6.15.4 Build 18023 Multiple Vulnerabilities

medium Nessus Plugin ID 83813

Synopsis

A PHP application running on the remote web server is affected by multiple vulnerabilities.

Description

According to its version number, the version of eFront running on the remote web server is affected by multiple vulnerabilities :

- A path traversal vulnerability exists due to improper sanitization of user-supplied input to the 'file' parameter of the view_file.php script. A remote attacker can exploit this, via a specially crafted request, to gain access to arbitrary files and disclose sensitive information.

- Multiple SQL injection vulnerabilities exist due to improper sanitization of user-supplied input to the 'new_less_id' parameter of the new_sidebar.php script. A remote attacker can exploit these vulnerabilities to manipulate the database.

- A potential PHP object injection issue exists in the copy.php script.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to eFront version 3.6.15.4 Build 18023 or later.

See Also

https://www.securenetwork.it/docs/advisory/SN-15-02_eFront.pdf

https://www.efrontlearning.com/

Plugin Details

Severity: Medium

ID: 83813

File Name: efront_3_6_15_4.nasl

Version: 1.10

Type: remote

Family: CGI abuses

Published: 5/26/2015

Updated: 5/28/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/a:efrontlearning:efront

Required KB Items: www/PHP, installed_sw/eFront

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No known exploits are available

Patch Publication Date: 3/24/2015

Vulnerability Publication Date: 5/1/2015

Reference Information

BID: 74582