chCounter <= 3.1.3: Multiple vulnerabilities

Users of chCounter <= 3.1.3, please be advised of multiple vulnerabilities that have been identified.
To view these vulnerabilities, possible remedies, and others, please see the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx).

chCounte-SA-11/19/2010: Multiple vulnerabilities in chCounter <= 3.1.3
Multiple vulnerabilities were found in web application chCounter <= 3.1.3.
=SQL Injection=
Location: administration/index.php?cat=downloads&edit=
Affected parameters: anzahl
Description: When accessing administration/index.php?cat=downloads&edit=VALID_ID with a valid download id, an attacker is able to manipulate the “anzahl” parameter to perform queries which only involve returning an integer. The query output is sent back to the client in the “anzahl” text input.

=XSS=
Location: administration/index.php?cat=downloads&edit=
Affected parameters: anzahl and wert
Description: When accessing administration/index.php?cat=downloads&edit=VALID_ID with a valid download id, an attacker is able to insert HTML tags in the “wert” parameter. Once the attacker has done that, manipulating the “anzahl” parameter so that the resulting SQL query is malformed will result in the injected code being parsed by the web browser.

Read more at http://www.criticalwatch.com