Vote! Pro PHP *eval()* Injection Vulnerability

Posted on Tuesday, January 23, 2007 @ 11:40:03 PST in Security
by Raven

SECUNIA ADVISORY ID: SA23834

VERIFY ADVISORY: http://secunia.com/advisories/23834/

CRITICAL: Highly critical

IMPACT: System access

SOFTWARE: Vote! Pro 4.x - http://secunia.com/product/13306/

DESCRIPTION: r0ut3r has reported a vulnerability in Vote! Pro, which can be exploited by malicious people to compromise vulnerable systems.

Input passed to the "poll_id" parameter in poll_frame.php is not properly sanitised before being used in "eval()" calls. This can be exploited to inject and execute arbitrary PHP code via a specially crafted parameter value. The vulnerability is reported in version 4.0. Other versions may also be affected.

NOTE: The "poll_id" eval() issue reportedly affects many other scripts in the product.

SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: r0ut3r
 
 
click Related        click Share
 
News ©

Site Info v2.2.2

Last SeenLast Seen
Server TrafficServer Traffic
  • Total: 359,494,775
  • Today: 40,485
Server InfoServer Info
  • Jun 25, 2018
  • 07:10 am PDT
 
 

Daily Inspiration