Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Security  (Read 5776 times)

0 Members and 1 Guest are viewing this topic.

aljareh

  • Coppermine newbie
  • Offline Offline
  • Posts: 14
Security
« on: June 19, 2006, 05:29:43 pm »

ther is alot of xss Cross-Site Scripting i found it in cpg
by this programm it arabic programm
http://www.jaascois.com/software/AntiWebInjection/JAAScoisAWIen.zip
some of xss
http://127.0.0.1/f/misc.php?forget=1&index=1#top<script>alert('hacking%20xss')</script>
http://127.0.0.1/f/forum.php?id=7&show=1&order=1&order_type=DESC#posts_table<script>alert('hacking%20xss')</script>
and  ther alot  of that xss
in cpg
Logged

Sami

  • VIP
  • Coppermine addict
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 3686
  • BMossavari
    • My Project
Re: Security
« Reply #1 on: June 19, 2006, 05:42:04 pm »

there is no misc.php or forum.php file,I think you examined older version or bridge version or totally other program
Logged
‍I don't answer to PM with support question
Please post your issue to related board

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: Security
« Reply #2 on: June 19, 2006, 09:03:40 pm »

bmossavari is right: no coppermine version ever contained files named misc.php nor forum.php. As your links point to your local machine, we can't examine any further. Anyway: if your machine can only be accessed locally, why do you worry abot XSS?
If you think you actually found a vulnerability and not some bogus stuff detected by a questionable app that claims to be able to detect XSS vulnerabilities, please post actual details, i.e. vulnerable code snippets that come from coppermine.
As suggested: the "tool" JAAScoisAWIen is very questionable, as google only contains hits for the website of the company that created the tool. How could an executable that only runs under Windows be a reliable webserver security tool? Looks like a trojan to me.
No offense though, thanks for the report.
Logged

Tarique Sani

  • VIP
  • Coppermine addict
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 2712
    • http://tariquesani.net
Re: Security
« Reply #3 on: June 20, 2006, 06:45:09 am »

Atleast post how to verify the attacks - some URLs which we can replicate the attack with (your given URLs are not relevant to Coppermine)
Logged
SANIsoft PHP applications for E Biz

aljareh

  • Coppermine newbie
  • Offline Offline
  • Posts: 14
Re: Security
« Reply #4 on: June 20, 2006, 08:41:23 am »

bmossavari is right: no coppermine version ever contained files named misc.php nor forum.php. As your links point to your local machine, we can't examine any further. Anyway: if your machine can only be accessed locally, why do you worry abot XSS?
If you think you actually found a vulnerability and not some bogus stuff detected by a questionable app that claims to be able to detect XSS vulnerabilities, please post actual details, i.e. vulnerable code snippets that come from coppermine.
As suggested: the "tool" JAAScoisAWIen is very questionable, as google only contains hits for the website of the company that created the tool. How could an executable that only runs under Windows be a reliable webserver security tool? Looks like a trojan to me.
No offense though, thanks for the report.
hi but the JAAScoisAWIen it's not trojan

im sorry this othoer program it's www.mysmartbb.com it's arabic forum programm
but this in cpg 1.4.x
http://coppermine-gallery.net/demo/cpg14x/thumbnails.php?album=<script>alert('hacking%20xss')</script>

http://coppermine-gallery.net/demo/cpg14x/thumbnails.php?album=toprated&amp;amp=&amp;cat=0&amp;4x=&amp;thumbnails_php?album=toprated&amp;amp;cat=0&amp;lang=english<script>alert('hacking%20xss')</script>

http://coppermine-gallery.net/demo/cpg14x/thumbnails.php?album=favpics&amp;4x=&amp;thumbnails_php?album=favpics&amp;lang=spanish<script>alert('hacking%20xss')</script>

http://coppermine-gallery.net/demo/cpg14x/search.php?4x=&amp;search_php=&amp;lang=danish<script>alert('hacking%20xss')</script>

http://coppermine-gallery.net/demo/cpg14x/search.php?4x=&amp;search_php=&amp;lang=korean<script>alert('hacking%20xss')</script>

http://coppermine-gallery.net/demo/cpg14x/search.php?4x=&amp;search_php=&amp;lang=swedish<script>alert('hacking%20xss')</script>

« Last Edit: June 20, 2006, 08:47:35 am by aljareh »
Logged

Sami

  • VIP
  • Coppermine addict
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 3686
  • BMossavari
    • My Project
Re: Security
« Reply #5 on: June 20, 2006, 08:59:30 am »

these are not working !!!!
they all get filtered by gallery :)
every "<" will be come "&lt;" so you will not be able to cross ;)
« Last Edit: June 20, 2006, 09:27:12 am by bmossavari »
Logged
‍I don't answer to PM with support question
Please post your issue to related board

Tarique Sani

  • VIP
  • Coppermine addict
  • ***
  • Offline Offline
  • Gender: Male
  • Posts: 2712
    • http://tariquesani.net
Re: Security
« Reply #6 on: June 20, 2006, 09:15:12 am »

bmossavari is right none of the above result in an XSS
Logged
SANIsoft PHP applications for E Biz
Pages: [1]   Go Up
 

Page created in 0.017 seconds with 20 queries.