SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   KnowledgeBank Vendors:   knowledgebank.sourceforge.net
KnowledgeBank Input Validation Holes Permit Cross-Site Scripting Attacks
SecurityTracker Alert ID:  1017097
SecurityTracker URL:  http://securitytracker.com/id/1017097
CVE Reference:   CVE-2006-5496   (Links to External Site)
Updated:  Jun 3 2008
Original Entry Date:  Oct 20 2006
Impact:   Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information

Version(s): 1.01
Description:   A vulnerability was reported in KnowledgeBank. A remote user can conduct cross-site scripting attacks.

The 'addknowledge.php' and 'addscreenshot.php' scripts do not properly filter HTML code from user-supplied input before displaying the input. A remote user can cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the site running the KnowledgeBank software and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

The Security Team at Armorize Technologies, Inc. discovered this vulnerability.

The original advisory is available at:

http://www.armorize.com/advisory.php?Keyword=Armorize-ADV-2006-0006

Impact:   A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the KnowledgeBank software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Solution:   No solution was available at the time of this entry.
Vendor URL:  knowledgebank.sourceforge.net/ (Links to External Site)
Cause:   Input validation error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  Multiple XSS Vulnerabilities in KnowledgeBank 1.01

Armorize Technologies Security Advisory

Advisory No:
Armorize-ADV-2006-0006

Status:
Partial

Date:
2006/10/19

Summary:
Armorize-ADV-2006-0006 discloses multiple cross-site scripting vulnerabilities that are found in KnowledgeBank (http://sourceforge.net/projects/knowledgebank/),
 which is a is a PHP/mySQL web app that allows you to create a searchable database application with categories, subcategories, and
 screenshots.

Affected Software:
KnowledgeBank 1.01

Vulnerability Description:
Cross-Site Scripting

Analysis/Impact:
Privacy leakages from the client-side may lead to session hijacking, identity theft and information theft.

Detection/Exploit(partial):
addknowledge.php
addscreenshot.php

Protection/Solution:
1. Escape every questionable URI and HTML script.
2. Remove prohibited user input.

Credit: Security Team at Armorize Technologies, Inc. (security@armorize.com)


Additional Information:
Link to this Armorize advisory
http://www.armorize.com/advisory.php?Keyword=Armorize-ADV-2006-0006

Links to all Armorize advisories
http://www.armorize.com/advisory/

Links to Armorize vulnerability database
http://www.armorize.com/resources/vulnerability.php

Armorize Technologies is delivering the world's most advanced source code analysis solution for Web application security based on
 its award-winning and patent-pending verification technologies. Addressing security early in the software development life cycle
 (SDLC), Armorize CodeSecure proactively identifies and traces vulnerabilities in Web application source code, effectively hardening
 websites against today's ever growing security threats. CodeSecure's zero-false-positive accuracy, traceback support and Web 2.0-based
 interface make it the premium Web application security solution. For more information please visit: http://www.armorize.com.

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC