Summary
This host is installed with WordPress
Digital Zoom Studio (DZS) Video Gallery Plugin and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote
attackers to execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server, result in loss of confidentiality and execute arbitrary commands.
Impact Level: Application
Solution
No solution or patch is available as of 30th
January, 2015. Information regarding this issue will updated once the solution details are available. For updates refer to http://digitalzoomstudio.net/
Insight
Multiple flaws exist as,
- Input passed via 'designrand'and 'swfloc' parameters to dzs-videogallery/deploy/designer/preview.php script is not properly validated before returning it to users.
- Direct request for the /videogallery.php and /admin/sliderexport.php scripts discloses the software's installation path.
- Input passed via the 'src' parameter is not properly sanitized upon submission to the img.php script.
Affected
WordPress Digital Zoom Studio (DZS) Video
Gallery Plugin
Detection
Send a crafted data via HTTP GET request
and check whether it is able to read cookie or not.
References
Severity
Classification
-
CVE CVE-2014-9094 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- @Mail 'MailType' Parameter Cross Site Scripting Vulnerability
- Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
- Apache Struts CookBook/Examples Multiple Cross-Site Scripting Vulnerabilities
- aeNovo Database Content Disclosure Vulnerability
- An Image Gallery Multiple Cross-Site Scripting Vulnerability