Ovidentia 7.9.4 Multiple Remote Vulnerabilities

Medium
Advisory ID: ZSL-2013-5154
Release Date: 22 August 2013
Vendor:
Affected Version: 7.9.4
CVE: N/A
Tested On: Microsoft Windows 7 Ultimate SP1 (EN), Apache 2.4.2 (Win32), PHP 5.4.7, MySQL 5.5.25a
Summary

Ovidentia is both a content management system (CMS) and a collaborative environment (Groupware).

Description

Input passed via several parameters is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code, and to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.
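The two defect classes named above, unsanitized input reaching a SQL query and unencoded input reflected into HTML, are shown side by side with their corrected forms in the added example below. This is illustrative code written for this page, not Ovidentia's code; the `items` table, the `id` parameter and the function names are hypothetical, and the demo assumes PHP with the `pdo_sqlite` extension so it can run against an in-memory database.

```php
<?php
// Added illustration (not Ovidentia code). Table, parameter and function
// names are hypothetical; the sample rows below are constructed.

// --- Vulnerable pattern: request input concatenated into SQL and echoed raw ---
function vulnerable_lookup(PDO $db, array $request): string
{
    $id  = $request['id'] ?? '';                            // untrusted, unvalidated
    $sql = "SELECT title FROM items WHERE id = '$id'";      // input becomes query syntax (SQLi)
    $row = $db->query($sql)->fetch(PDO::FETCH_ASSOC);
    // Both the stored title and the request value reach the page unencoded (XSS).
    return '<h1>' . ($row['title'] ?? '') . "</h1> for id $id";
}

// --- Hardened pattern: validate, bind parameters, encode at output ---
function hardened_lookup(PDO $db, array $request): string
{
    // Validate the shape early: the id is expected to be a positive integer.
    $id = filter_var(
        $request['id'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($id === false) {
        http_response_code(400);
        return 'invalid id';
    }

    // Bound parameters keep data out of the query's syntax entirely.
    $stmt = $db->prepare('SELECT title FROM items WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $row   = $stmt->fetch(PDO::FETCH_ASSOC);
    $title = $row['title'] ?? '';

    // Encode for the HTML context at the point of output, including stored data:
    // the database is not a trust boundary.
    return '<h1>' . htmlspecialchars($title, ENT_QUOTES | ENT_HTML5, 'UTF-8')
         . '</h1> for id ' . (int) $id;
}

// Self-contained demo against an in-memory SQLite database (constructed data).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE items (id INTEGER PRIMARY KEY, title TEXT)');
$db->exec("INSERT INTO items (id, title) VALUES (1, 'Hello <b>world</b>')");

echo hardened_lookup($db, ['id' => '1']), "\n";      // markup in the title is encoded
echo hardened_lookup($db, ['id' => '1abc']), "\n";   // non-integer id is rejected
```

The key design point is that the two fixes are independent: the prepared statement addresses the SQL side regardless of what the output layer does, and `htmlspecialchars` at output addresses reflection regardless of where the value came from. Input validation on top narrows the accepted shape but is not a substitute for either.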

Proof of Concept

Disclosure Timeline

N/A

Credits

Vulnerability discovered by Gjoko Krstic

References

Changelog

22.08.2013 Initial release
23.08.2013 Added reference [6]
24.08.2013 Added reference [7], [8] and [9]
26.08.2013 Added reference [10]
07.09.2013 Added reference [11]
14.10.2013 Added reference [12], [13] and [14]