exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Reportico Admin Credential Leak

Reportico Admin Credential Leak
Posted Jun 28, 2014
Authored by ms

All versions of Reportico prior to version 4.0 leak administrative credentials.

tags | exploit
advisories | CVE-2014-3777
SHA-256 | bd1450f20357956964a7bd5ecdd048add4ad38d1adb05a2e8bd7b0372ebd710a
Download | Favorite | View

Reportico Admin Credential Leak

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SECV-05-1402 - Reportico software admin credentials leak

Product description:

Reportico is a comprehensive Open Source web reporting tool written
purely in PHP. Reportico provides a web-based front end screen for
designing and viewing reports stored in XML format. Reportico supports
flexible criteria selection and reports may be presented in HTML, PDF,
CSV, XML and JSON formats. Groups, graphs, expressions and drilldowns
are also easily incorporated and reports may be embedded into existing
web pages with a few lines of PHP.

CVE-ID: CVE-2014-3777

Affected versions: All versions prior to 4.0 including plugins
Vendor url:http://www.reportico.org
Vulnerability status: Fixed
Advisory url: http://www.secveritas.com/secv-05-1402.html

Vulnerability details:

By loading the admin template an attacker could access all information
for a report including database credentials and admin password for the
report.
 This could be obtained due lack of proper check of the URL parameter
xmlin. By changing the parameter in the HTTP request to
xmlin=../admin/configureproject.xml an attacker would obtain project
administration.

Timeline:

13th May 14 - First contact with reportico.org developer
15th May 14 - Vulnerability reported with evidences and full problem
description and fix proposal
18th May 14 - Correction of the problem following proposal from SECVeritas
20th May 14 - New version made available for re-testing
21st May 14 - New version tested some sugestions made for improvement
1st  Jun 14 - Final version created by developer, waiting for release
28th Jun 14 - Public disclosure of the vulnerability.

Credits:
ms - secveritas.com
2014
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJTrC/CAAoJEN3eoZ/uAn514A0H/08oAI7WQCZ8x+vVpq3oYPr+
5+rvSKAhW+GGNnEo7Xe8El4p7J4IxVpncGpCfO8X9NBVMP3rdnweaCrSoylmBoej
dzhxXAZYPZkekKBSBAqVoTK7RMHj1ptDjG2vt/Z5wQM+ywK9hB03fxQWJ5LwTCZK
SbBZa6Sa53SIJqhAK5MWa0+zCTaScs39jj2GVhwYkQd7YhsztcGf0bCj1MFByUVA
/9YKqamBuhymk2JjXl4KPIZX01zFe3/GEcYU6kupuKirgi/kh1CsmDMlfi9+cdrn
QWv3VW/V3XbpyPuzOt+TCbBo48CnxqcYRB2QhiFI9eyxLJbdFqW2piIhvnNKAJo=
=+6d1
-----END PGP SIGNATURE-----



Login or Register to add favorites

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    48 Files
  • 20
    Sep 20th
    36 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    38 Files
  • 24
    Sep 24th
    65 Files
  • 25
    Sep 25th
    24 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close