J-Security Center

Title: AproxEngine Multiple Remote Input Validation Vulnerabilities

Severity: HIGH

Description:

AproxEngine is a PHP-based content manager.

AproxEngine is prone to multiple vulnerabilities:

1. SQL-injection issues affect the following scripts and parameters:

'index.php': 'login', 'art', 'Referer' HTTP header
'index.php': 'to', 'betreff', and 'elm1' when the 'page' parameter is set to 'sql_postfach' and the 'action' parameter is set to 'new'
'index.php': multiple unspecified parameters when the 'page' parameter is set to 'sql_profil' and the 'action' parameter is set to 'list' (Note that attackers require administrative privileges to exploit these issues on AproxEngine 6.0.)
'index.php': 'generator', 'author', 'description', and 'keywords' when the 'page' parameter is set to 'user_html_ed' and the 'action' parameter is set to 'open'

2. HTML-injection issues affect the following scripts and parameters:

'index.php': 'login', 'password'
'index.php': 'generator', 'author', 'description', and 'keywords' when the 'page' parameter is set to 'user_html_ed' and the 'action' parameter is set to 'open'
'index.php': 'mail' when the 'page' parameter is set to 'sql_profil' and the 'action' parameter is set to 'list' (Note that attackers require administrative privileges to exploit these issues on AproxEngine 6.0.)
'index.php': 'betreff' when the 'page' parameter is set to 'sql_postfach' and the 'action' parameter is set to 'new'

3. Directory-traversal vulnerabilities affect the following scripts and parameters:

'engine/inc/galerie_unlink.php': 'datei'
'engine/inc/galerie_del_verz.php': 'del_verz'

Attackers can use directory-traversal characters to delete arbitrary directories. Attackers require administrative privileges to exploit these issues.

4. An input-validation issue affects the 'from' parameter of the 'index.php' script when the 'page' parameter is set to 'sql_postfach' and the 'action' parameter is set to 'new'. Attackers can leverage this issue to masquerade as the administrator and send spoofed emails to users.
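One way to contain the 'datei' and 'del_verz' values from item 3 before any delete, as an added PHP example that is not AproxEngine's own code. The function name, the gallery root layout and the demo inputs are assumptions constructed for illustration.

```php
<?php
// Added example, not AproxEngine code. resolveInsideBase() and the demo
// directory layout are hypothetical.

// Resolve a request value (such as 'datei' or 'del_verz') to a real path
// strictly inside $baseDir. Returns null when the value must be refused.
function resolveInsideBase(string $baseDir, string $userValue): ?string
{
    // Empty values and NUL bytes are never valid file names.
    if ($userValue === '' || strpos($userValue, "\0") !== false) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null; // base directory missing or unreadable
    }
    // realpath() collapses "..", "." and symlinks, and returns false for a
    // path that does not exist (nothing to delete in that case).
    $target = realpath($base . DIRECTORY_SEPARATOR . $userValue);
    if ($target === false) {
        return null;
    }
    // Compare against "<base>/" so that a sibling such as "gallery_old"
    // does not pass as "gallery", and the base itself is refused.
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($target, $prefix, strlen($prefix)) === 0 ? $target : null;
}

// Constructed demo: temporary gallery root, one album, one sibling directory.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'aprox_demo_' . bin2hex(random_bytes(4));
mkdir("$root/gallery/album1", 0700, true);
mkdir("$root/gallery_old", 0700, true);

foreach (['album1', '../gallery_old', 'album1/../..', 'album1/..', '.'] as $input) {
    $ok = resolveInsideBase("$root/gallery", $input) !== null;
    printf("%-16s %s\n", $input, $ok ? 'allowed' : 'rejected');
}

// Remove the demo directories again.
foreach (['gallery/album1', 'gallery', 'gallery_old', ''] as $dir) {
    rmdir(rtrim("$root/$dir", '/'));
}
```

Pass the returned path, not the raw request value, to the delete call so that the path that was checked is the path that is removed.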

Attackers can exploit these issues to execute arbitrary script code in the context of the webserver, compromise the application, obtain sensitive information, steal cookie-based authentication credentials from legitimate users of the site, modify the way the site is rendered, perform certain unauthorized actions in the context of a user, access or modify data, or exploit latent vulnerabilities in the underlying database.

Attackers may require administrative privileges to exploit some of these issues.

AproxEngine 5.3.04 and 6.0 are vulnerable; other versions may also be affected.

Affected Products:

  • Aprox Portal Aprox CMS Engine 5.3.04
  • Aprox Portal Aprox CMS Engine 6.0
