Web application abuses : IceHrm Multiple Security Vulnerabilities

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.805032

Kategorie: Web application abuses

Titel: IceHrm Multiple Security Vulnerabilities

Zusammenfassung: This host is installed with IceHrm and; is prone to multiple vulnerabilities.

Beschreibung: Summary:
This host is installed with IceHrm and
is prone to multiple vulnerabilities.

Vulnerability Insight:
Flaws are due to:

- The service.php script not properly sanitizing user input, specifically
path traversal style attacks (e.g. '../../') supplied to the 'file'
parameter.

- The index.php script not properly sanitizing user input, specifically path
traversal style attacks (e.g. '../../') supplied to the 'n' and 'g'
parameters.

- The fileupload.php script does not properly verify or sanitize user-uploaded
files via the 'file_name' POST parameter.

- The login.php script does not validate input to the 'key' parameter before
returning it to users.

- The fileupload_page.php script does not validate input to the 'id',
'file_group', 'user' and 'msg' parameter before returning it to users.

- The /data/ folder that is due to the program failing to restrict users
from making direct requests to profile images for users or employees.

- The HTTP requests to service.php do not require multiple steps, explicit
confirmation, or a unique token when performing certain sensitive actions.

Vulnerability Impact:
Successful exploitation will allow attacker
to execute arbitrary script code in the context of the vulnerable site,
potentially allowing the attacker to steal cookie-based authentication
credentials, upload arbitrary files to the affected application, read and
write arbitrary files in the context of the user running the affected
application, and obtain potentially sensitive information.

Affected Software/OS:
IceHrm version 7.1 and prior.

Solution:
Upgrade to IceHrm 7.2 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: BugTraq ID: 71552

Copyright Copyright (C) 2014 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.805032
Kategorie:	Web application abuses
Titel:	IceHrm Multiple Security Vulnerabilities
Zusammenfassung:	This host is installed with IceHrm and; is prone to multiple vulnerabilities.
Beschreibung:	Summary: This host is installed with IceHrm and is prone to multiple vulnerabilities. Vulnerability Insight: Flaws are due to: - The service.php script not properly sanitizing user input, specifically path traversal style attacks (e.g. '../../') supplied to the 'file' parameter. - The index.php script not properly sanitizing user input, specifically path traversal style attacks (e.g. '../../') supplied to the 'n' and 'g' parameters. - The fileupload.php script does not properly verify or sanitize user-uploaded files via the 'file_name' POST parameter. - The login.php script does not validate input to the 'key' parameter before returning it to users. - The fileupload_page.php script does not validate input to the 'id', 'file_group', 'user' and 'msg' parameter before returning it to users. - The /data/ folder that is due to the program failing to restrict users from making direct requests to profile images for users or employees. - The HTTP requests to service.php do not require multiple steps, explicit confirmation, or a unique token when performing certain sensitive actions. Vulnerability Impact: Successful exploitation will allow attacker to execute arbitrary script code in the context of the vulnerable site, potentially allowing the attacker to steal cookie-based authentication credentials, upload arbitrary files to the affected application, read and write arbitrary files in the context of the user running the affected application, and obtain potentially sensitive information. Affected Software/OS: IceHrm version 7.1 and prior. Solution: Upgrade to IceHrm 7.2 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	BugTraq ID: 71552
Copyright	Copyright (C) 2014 Greenbone Networks GmbH