Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

LightNEasy v.1.2.2 flat Multiple Vulnerabilities

from [darkz . gsa] Network Security [Permanent Link]
Subject: LightNEasy v.1.2.2 flat Multiple Vulnerabilities
Date: 18 Apr 2008 08:10:28 -0000 
LightNEasy v.1.2.2 flat Multiple Vulnerabilities

Author: Gerendi Sandor Attila
Date: April 14, 2008
Package: LightNEasy
Product homepage: http://lightneasy.uni.cc/
Versions Affected: v.1.2.2 (Other versions may also be affected)
Severity: High

1. Cross-Site Scripting (XSS):
Input passed to "page" in "index.php" and "LightNEasy.php" is not properly 
sanitised before being used. This can be exploited to insert arbitrary HTML and 
script code, which is executed in a user's browser session in context of an 
affected site when malicious data is viewed.
Examples:
http://somehost/LightNEasy_1_2_2_flat/index.php?page=%00</title><script>alert("xss")</script>
http://somehost/LightNEasy_1_2_2_flat/LightNEasy.php?page=%00</title><script>alert("xss")</script>

2. Directory Traversal:
Input passed to "page" in "index.php" and "LightNEasy.php" is not properly 
sanitised before being used to include files. This can be exploited to include 
arbitrary files from local resources.
Example:
http://somehost/LightNEasy_1_2_2_flat/LightNEasy.php?page=../../../../../../../include.txt%00
or:

3. Arbitrary File Creation:
Input passed to "page" in "index.php" and "LightNEasy.php" is not properly 
sanitised before being used to create files.

Status:
1. Contacted the author at April 14, 2008 via 
http://www.lightneasy.org/contact.php.
2. A Security patch was released on April 15, 2008.
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • LightNEasy v.1.2.2 flat Multiple Vulnerabilities, darkz . gsa <=
Previous by Date:  5th avenue Shopping Cart SQL Injection, noreply
Next by Date:  Wikepage Wiki v.2007-2 Cross-Site Scripting, darkz . gsa
Previous by Thread:  5th avenue Shopping Cart SQL Injection, noreply
Next by Thread:  Wikepage Wiki v.2007-2 Cross-Site Scripting, darkz . gsa
Indexes:  [Date] [Thread] [Top] [All Lists]