← Advisories

Gnew v2013.1 Multiple XSS And SQL Injection Vulnerabilities

Medium

Advisory ID

ZSL-2013-5153

Release Date

11 August 2013

Vendor

Raoul Proença - http://www.gnew.fr

Affected Version

2013.1

CVE

CVE-2013-5640

Tested On

Microsoft Windows 7 Ultimate SP1 (EN), Apache 2.4.2 (Win32), PHP 5.4.7, MySQL 5.5.25a

Summary

Gnew is a simple Content Management System written with PHP language and using a database server (MySQL, PostgreSQL or SQLite) for storage.

Description

Input passed via several parameters is not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code and HTML/script code in a user's browser session in context of an affected site.

Proof of Concept

gnew_multiple.txtTXT

Disclosure Timeline

09.01.2016Vendor released version 2016.1 to address these issues.

Credits

Vulnerability discovered by Gjoko Krstic

References

[1]http://packetstormsecurity.com/files/122771

[2]http://www.exploit-db.com/exploits/27522/

[3]http://cxsecurity.com/issue/WLB-2013080096

[4]http://www.securityfocus.com/bid/61721

[5]http://secunia.com/advisories/54466/