This host is running Gnew and is prone to multiple vulnerabilities

Successful exploitation will allow remote attackers to execute arbitrary HTML script code in a user's browser session in the context of an affected site, and inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data. Impact Level: Application

No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.

Multiple flaws in Gnew exists due to, - Insufficient filtration of 'friend_email' HTTP POST parameter passed to /news/send.php and users/password.php scripts, 'user_email' HTTP POST parameter passed to /users/register.php script, 'news_id' HTTP POST parameter passed to news/send.php script, 'thread_id' HTTP POST parameter passed to posts/edit.php script, 'story_id' HTTP POST parameter passed to comments/index.php script, 'answer_id' and 'question_id' HTTP POST parameters passed to polls/vote.php script, 'category_id' HTTP POST parameter passed to news/submit.php script, 'post_subject' and 'thread_id' HTTP POST parameters passed to posts/edit.php script. - Insufficient validation of user-supplied input passed via the 'gnew_language' cookie to /users/login.php script.

Gnew version 2013.1, Other versions may also be affected.

Send a crafted exploit string via HTTP POST request and check whether it is able to read cookie or not.

• http://packetstormsecurity.com/files/123482
• http://seclists.org/bugtraq/2013/Oct/7
• http://secunia.com/advisories/54466
• http://www.exploit-db.com/exploits/28684

---

Updated on 2015-03-25