Summary
The host is running Flashlight Free Edition and is prone to SQL Injection and Directory Traversal Vulnerability.
Impact
Successful exploitation could allow remote attackers to view, add, modify or delete information in the back end database or include arbitrary files from local and remote resources to compromise a vulnerable server.
Impact Level: Network/System
Solution
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore.
General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
Insight
Flaws are due to,
- An error in 'read.php' which is not properly sanitizing user supplied input before being used in SQL queries via 'id' parameter.
- An error in 'admin.php' which is not properly sanitizing user supplied input before being used via a .. (dot dot) in the action 'parameter' which causes directory traversal attacks in the application context.
Affected
Flashlight Free version 1.0 on all running platform.
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2009-4204, CVE-2009-4205 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- AV Arcade 'ava_code' Cookie Parameter SQL Injection Vulnerability
- ActivDesk Multiple Cross Site Scripting and SQL Injection Vulnerabilities
- Atutor AChecker Multiple SQL Injection and XSS Vulnerabilities
- ActualAnalyzer Lite 'ant' Cookie Parameter Remote Command Execution Vulnerability
- Artmedic Kleinanzeigen File Inclusion Vulnerability