Sahana Agasti Multiple Input Validation Vulnerabilities Network Vulnerability

Summary

Sahana Agasti is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process, which may aid in redirecting users to a potentially malicious site. This may allow the attacker to compromise the application and the computer and may aid in phishing attacks other attacks are also possible. Sahana Agasti versions 0.6.5 and prior are vulnerable.

Solution

Vendor updates are available. Please contact the vendor for details.

References

http://www.sahanafoundation.org/
http://www.sahanafoundation.org/Sahana066
https://launchpad.net/sahana-agasti/
https://www.securityfocus.com/bid/45730

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache ActiveMQ Source Code Information Disclosure Vulnerability
Apache Struts2/XWork Remote Command Execution Vulnerability
Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
Apache Tomcat source.jsp malformed request information disclosure
Advanced Image Hosting Cross Site Scripting Vulnerability

Take action and discover your vulnerabilities