
Information At A Glance
- Source – High-Tech Bridge SA Security Research Lab
- Version/Dependency – 1.4.2 and earlier
- Developer – zenphoto.org
- Severity – HIGH
Summary
High-Tech Bridge has identified multiple vulnerabilities in Zenphoto.
1) Arbitrary PHP Code Execution in Zenphoto: exploitation requires that the “viewer_size_image” plugin is enabled.
2) SQL Injection in Zenphoto: exploitation requires the attacker to be logged in and to have access to the “Manage Albums” function.
3) Multiple XSS in Zenphoto: the XSS vulnerabilities can be used against any user with the “Manage all albums” privilege.
Fix / Corrective Action(s)
Update to zenphoto-1.4.2.1; see: http://www.zenphoto.org/news/zenphoto-1.4.2.1
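Triage helper for the version range and preconditions stated above. This is an added example, not code from the advisory, High-Tech Bridge or the Zenphoto project. It compares an installed version against the advisory's "1.4.2 and earlier" range (note that 1.4.2.1, the fixed release, must sort above 1.4.2) and reports which of the three issues still apply given whether the viewer_size_image plugin is enabled. The assumption that Zenphoto declares its version in a define('ZENPHOTO_VERSION', ...) line is mine, not something the advisory states; the sample line below is constructed.

```python
import re
from typing import Optional

LAST_AFFECTED = "1.4.2"    # advisory: 1.4.2 and earlier are affected
FIXED_VERSION = "1.4.2.1"  # advisory: update to zenphoto-1.4.2.1


def parse_version(s: str) -> tuple:
    """Turn '1.4.2.1' into (1, 4, 2, 1). Non-numeric suffixes are ignored.

    Python tuple ordering makes (1, 4, 2) < (1, 4, 2, 1), which is exactly the
    relationship between the last affected release and the fixed one.
    """
    parts = re.findall(r"\d+", s)
    if not parts:
        raise ValueError(f"no numeric version component in {s!r}")
    return tuple(int(p) for p in parts)


def is_affected(installed: str) -> bool:
    """True when the installed version is 1.4.2 or earlier."""
    return parse_version(installed) <= parse_version(LAST_AFFECTED)


def extract_version(version_php: str) -> Optional[str]:
    """Pull the version string out of a define('ZENPHOTO_VERSION', '...') line.

    Assumption (not from the advisory): the install exposes its version via
    such a PHP define. Adjust the pattern if your copy differs.
    """
    m = re.search(
        r"define\(\s*['\"]ZENPHOTO_VERSION['\"]\s*,\s*['\"]([^'\"]+)['\"]",
        version_php,
    )
    return m.group(1) if m else None


def triage(installed: str, viewer_size_image_enabled: bool) -> dict:
    """Map the advisory's three findings onto one installation.

    The PHP code execution issue only matters when the viewer_size_image
    plugin is enabled; the SQL injection and XSS issues apply to any affected
    version but require an authenticated user with album-management rights.
    """
    affected = is_affected(installed)
    return {
        "installed": installed,
        "affected": affected,
        "arbitrary_php_code_execution": affected and viewer_size_image_enabled,
        "sql_injection": affected,          # needs a logged-in "Manage Albums" user
        "xss": affected,                    # targets users with "Manage all albums"
        "action": None if not affected else f"update to zenphoto-{FIXED_VERSION}",
    }


if __name__ == "__main__":
    # Constructed sample line, not taken from any real install.
    sample_version_php = "define('ZENPHOTO_VERSION', '1.4.2');"
    installed = extract_version(sample_version_php)
    print(triage(installed, viewer_size_image_enabled=True))
```

Run it against the real version string from your deployment and the actual plugin state; a result with "affected": False and no action means the install is already on 1.4.2.1 or later.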
Miscellaneous
See: https://www.htbridge.ch/advisory/HTB23070 for full details.
Disclaimer: Salvus Alerting provides timely industry-related information to its subscriber community and visitors for informational purposes only and makes every effort to distribute accurate and reliable information. Any information provided is considered “as-is” and the subscriber and/or visitor assumes all responsibility for its uses. Salvus Alerting disclaims all warranties with regard to the information being provided, including all implied warranties of merchantability and fitness. In no event shall Salvus Alerting be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other legal action, arising out of or in connection with the use or performance of this information being provided. Salvus Systems and Salvus Alerting are wholly owned and operated by FactNgN, LLC. – as of 02/11/2012