Claroline 'notfound.php' Cross-Site Scripting Vulnerability Network Vulnerability

Summary

The host is running Claroline and is prone to SQL Injection Vulnerability.

Impact

Successful exploitation will allow attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. Impact Level: Application

Solution

upgrade to the version version 1.8.12 or later For updates refer tohttp://www.claroline.net/download/stable.html

Insight

The flaw is due to, - error in 'claroline/linker/notfound.php' which is not properly sanitising input data passed via the 'Referer' header, before being returned to the user. - error in 'group/group.php' which is not properly sanitising input data passed to the 'sort' parameter, before being used in an SQL query.

Affected

Claroline Version 1.8.11 and prior

References

http://gsasec.blogspot.com/2009/05/claroline-v1811-cross-site-scripting.html
http://secunia.com/advisories/35019
http://xforce.iss.net/xforce/xfdb/50404

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1907
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Admidio get_file.php Remote File Disclosure Vulnerability
Advantech WebAccess Multiple Stack Based Buffer Overflow Vulnerabilities
Apache Struts2 'XWork' Information Disclosure Vulnerability
Apache Tomcat Multiple Vulnerabilities June-09
Apache Struts2/XWork Remote Command Execution Vulnerability

Take action and discover your vulnerabilities