Web application abuses : BugTracker.NET Cross-Site Scripting and SQL Injection Vulnerabilities

Vulnerability Search		Search 219043 CVE descriptions and 99761 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.902407

Category: Web application abuses

Title: BugTracker.NET Cross-Site Scripting and SQL Injection Vulnerabilities

Summary: The host is running BugTracker.NET and is prone to cross-site; scripting and SQL injection vulnerabilities.

Description: Summary:
The host is running BugTracker.NET and is prone to cross-site
scripting and SQL injection vulnerabilities.

Vulnerability Insight:
The flaws are due to:

- Input passed to the 'pcd' parameter in edit_bug.aspx, 'bug_id' parameter
in edit_comment.aspx, 'default_name' parameter in edit_customfield.aspx,
and 'id' parameter in edit_user_permissions2.aspx is not properly sanitised
before being returned to the user.

- Input passed via the 'qu_id' parameter to bugs.aspx, 'row_id' parameter to
delete_query.aspx, 'us_id' and 'new_project' parameters to edit_bug.aspx,
and 'bug_list' parameter to massedit.aspx is not properly sanitised before
being used in a SQL query.

Vulnerability Impact:
Successful exploitation will allow attacker to cause SQL Injection attack
and to conduct cross-site scripting attacks.

Affected Software/OS:
BugTracker.NET version prior to 3.4.5.

Solution:
Upgrade to BugTracker.NET version 3.4.5 or later.

CVSS Score:
6.5

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:P/A:P

Cross-Ref: BugTraq ID: 45121
Common Vulnerability Exposure (CVE) ID: CVE-2010-3266
http://www.securityfocus.com/bid/45121
Bugtraq: 20101130 CORE-2010-1109 - Multiple vulnerabilities in BugTracker.Net (Google Search)
http://www.securityfocus.com/archive/1/514957/100/0/threaded
http://www.exploit-db.com/exploits/15653
http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker
http://secunia.com/advisories/42418
Common Vulnerability Exposure (CVE) ID: CVE-2010-3267

Copyright Copyright (C) 2011 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.902407
Category:	Web application abuses
Title:	BugTracker.NET Cross-Site Scripting and SQL Injection Vulnerabilities
Summary:	The host is running BugTracker.NET and is prone to cross-site; scripting and SQL injection vulnerabilities.
Description:	Summary: The host is running BugTracker.NET and is prone to cross-site scripting and SQL injection vulnerabilities. Vulnerability Insight: The flaws are due to: - Input passed to the 'pcd' parameter in edit_bug.aspx, 'bug_id' parameter in edit_comment.aspx, 'default_name' parameter in edit_customfield.aspx, and 'id' parameter in edit_user_permissions2.aspx is not properly sanitised before being returned to the user. - Input passed via the 'qu_id' parameter to bugs.aspx, 'row_id' parameter to delete_query.aspx, 'us_id' and 'new_project' parameters to edit_bug.aspx, and 'bug_list' parameter to massedit.aspx is not properly sanitised before being used in a SQL query. Vulnerability Impact: Successful exploitation will allow attacker to cause SQL Injection attack and to conduct cross-site scripting attacks. Affected Software/OS: BugTracker.NET version prior to 3.4.5. Solution: Upgrade to BugTracker.NET version 3.4.5 or later. CVSS Score: 6.5 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Cross-Ref:	BugTraq ID: 45121 Common Vulnerability Exposure (CVE) ID: CVE-2010-3266 http://www.securityfocus.com/bid/45121 Bugtraq: 20101130 CORE-2010-1109 - Multiple vulnerabilities in BugTracker.Net (Google Search) http://www.securityfocus.com/archive/1/514957/100/0/threaded http://www.exploit-db.com/exploits/15653 http://www.coresecurity.com/content/multiple-vulnerabilities-in-bugtracker http://secunia.com/advisories/42418 Common Vulnerability Exposure (CVE) ID: CVE-2010-3267
Copyright	Copyright (C) 2011 Greenbone Networks GmbH