[oss-security] CVE request: pixelpost

From: Raphael Geissert <geissert_at_nospam>
Date: Fri Sep 17 2010 - 01:29:08 GMT
To: oss-security@lists.openwall.com

Hi everyone,

Multiple vulnerabilities have been reported against pixelpost:

1) A CSRF vulnerability allows changes to some settings (the PoC allows
changing the administrator's password) [1]
2) SQL injection [2]
3) XSS [2]

2) and 3) are from 2009, so I guess we are going to need some help from
Steven for those ones. The only information about those is [3] which has
some other changes.

It also appears to be using PHP_SELF in some places, so that's another XSS
vector. Will confirm it later.

[1] http://www.exploit-db.com/exploits/15014/
[2] http://www.pixelpost.org/blog/2009/09/02/pixelpost-173-security-update/
[3] http://pastie.textmate.org/616485

-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net