[3/5] VirtueMart File Disclosure and Cross-Site Request Forgery Vulnerabilities

January 31st, 2008 by

[3/5] VirtueMart File Disclosure and Cross-Site Request Forgery Vulnerabilities

:Two vulnerabilities have been reported in VirtueMart, which can be exploited by malicious people to conduct cross-site request forgery attacks or to disclose sensitive information.1) Input passed to the application when viewing a product is not properly verified before being used to read files. This can be exploited to read arbitrary files from local resources.2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to perform restricted actions by tricking a user into opening a malicious webpage.The vulnerabilities are reported in versions prior to 1.0.14.Solution:Update to version 1.0.14 or apply patches.https://dev.virtuemart.net/cb/proj/doc.do?doc_id=1006Provided and/or discovered by:Reported by the vendor.Original Advisory:1) http://virtuemart.net/index.php?optio…p;task=view&id=275&Itemid=1272) http://virtuemart.net/index.php?optio…p;task=view&id=276&Itemid=127

Original post by manisha

[3/5] VirtueMart File Disclosure and Cross-Site Request Forgery Vulnerabilities

Related Articles:

[3/5] VirtueMart Unspecified PHP Code Execution

[2/5] DVD Rental System Cross-Site Scripting and Request Forgery

[2/5] ZyXEL P-330W Cross-Site Scripting and Request Forgery Vulnerabilities

[2/5] ikiwiki Cross-Site Request Forgery Vulnerabilities

[2/5] OTRS Cross-Site Scripting and Cross-Site Request Forgery

Posted in Advisories - Exploits | | [3/5] VirtueMart File Disclosure and Cross-Site Request Forgery Vulnerabilities

<< [3/5] WordPress WassUp Plugin “to_date” SQL Injection Vulnerability | [4/5] SwiftView Viewer ActiveX Control/Plug-in Buffer Overflows >>

Cybertrion Systems

[3/5] VirtueMart File Disclosure and Cross-Site Request Forgery Vulnerabilities

Categories

Archives:

Search:

Meta: