CVE-2015-2209 - DLGuard Full Path Disclosure (Information Leakage) Web Security Vulnerabilities
Exploit Title: DLGuard "/index.php?" "&c" parameter Full Path Disclosure Web Security Vulnerabilities
Product: DLGuard
Vendor: DLGuard
Vulnerable Versions: v4.5
Tested Version: v4.5
Advisory Publication: January 18, 2015
Latest Update: March 20, 2015
Vulnerability Type: Information Exposure [CWE-200]
CVE Reference: CVE-2015-2209
Impact CVSS Severity (version 2.0):
CVSS v2 Base Score: 5.0 (MEDIUM) (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Impact Subscore: 2.9
Exploitability Subscore: 10.0
CVSS Version 2 Metrics:
Access Vector: Network exploitable
Access Complexity: Low
Authentication: Not required to exploit
Impact Type: Allows unauthorized disclosure of information
Discoverer and Author: Jing Wang [School of Mathematical Sciences (001), University of Science and Technology of China (USTC)] (@justqdjing)
Consultation Details:
(1) Vendor & Product Description:
Vendor:
DLGuard
Product & Version:
DLGuard
v4.5
Vendor URL & Download:
DLGuard can be obtained from here.
Product Introduction Overview:
"DLGuard is a powerful, yet easy to use script that you simply upload to your website and then rest assured that your internet business is not only safe, but also much easier to manage, automating the tasks you just don't have the time for."
"DLGuard supports the three types, or methods, of sale on the internet:
<1>Single item sales (including bonus products!)
<2>Multiple item sales
<3>Membership websites"
"DLGuard is fully integrated with: PayPal, ClickBank, 2Checkout, Authorize.Net, WorldPay, AlertPay, Ebay, PayDotCom, E-Gold, 1ShoppingCart, Click2Sell, Mal's E-Commerce, LinkPoint, PagSeguro, CCBill, CommerseGate, DigiResults, FastSpring, JVZoo, MultiSafePay, Paypal Digital Goods, Plimus, RevenueWire/SafeCart, SWReg, WSO Pro, and even tracks your free product downloads. The DLGuard built-in Shopping Cart offers Paypal, Authorize.net, and 2Checkout payment options. The Membership areas allow Paypal, Clickbank, 2Checkout, and LinkPoint recurring billing as well as linking to any PayPal, ClickBank, 2Checkout, Authorize.Net, WorldPay, AlertPay, Ebay, PayDotCom, E-Gold, 1ShoppingCart, E-Bullion, LinkPoint, PagSeguro, CCBill, CommerseGate, DigiResults, FastSpring, JVZoo, MultiSafePay, Paypal Digital Goods, Plimus, RevenueWire/SafeCart, SWReg, WSO Pro single sale and free products so that people who buy your products can access your members area. DLGuard is the perfect solution to secure your single sale item, such as a niche marketing website, software sales, ebook sales, and more! DLGuard not only protects your download page, but it makes setting up new products, or making changes to existing products so much quicker and easier than before."
(2) Vulnerability Details:
The DLGuard web application has a Full Path Disclosure (FPD) vulnerability, a form of information leakage. It may allow a remote attacker to learn the software's installation path on the server. While such information is relatively low risk on its own, it is often useful in carrying out additional, more focused attacks.
Several similar vulnerabilities have been found in this product by other bug hunters before, and DLGuard has patched some of them. NVD is the U.S. government repository of standards-based vulnerability management data (this data enables automation of vulnerability management, security measurement, and compliance, e.g. FISMA). It has published suggestions, advisories, and solutions related to important vulnerabilities.
(2.1) The first flaw occurs at the "&c" parameter of the "index.php?" page.
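The leak described above can be checked for on the defending side by scanning HTTP responses for PHP diagnostics that embed an absolute filesystem path. The following is an added example, not code from the DLGuard product or from this advisory; the sample response bodies are constructed and the paths in them are placeholders:

```python
import re

# Added example, not DLGuard code: flag PHP diagnostics that leak the
# application's absolute installation path (Full Path Disclosure).
# PHP's default error text, with html_errors off and on:
#   Warning: foo() expects parameter 1 to be string in /var/www/x.php on line 12
#   <b>Warning</b>:  foo() ... in <b>/var/www/x.php</b> on line <b>12</b>
PHP_DIAGNOSTIC = re.compile(
    r"(?:<b>)?(?P<level>Warning|Notice|Deprecated|Fatal error|Parse error)(?:</b>)?:"
    r"\s*(?P<message>[^\n<]+?)\s+in\s+(?:<b>)?"
    r"(?P<path>(?:/|[A-Za-z]:\\)[^\s<]+)(?:</b>)?"
    r"\s+on\s+line\s+(?:<b>)?(?P<line>\d+)",
    re.IGNORECASE,
)

def find_path_disclosures(body: str) -> list:
    """Return one finding per leaked absolute path in an HTTP response body."""
    findings = []
    for m in PHP_DIAGNOSTIC.finditer(body):
        path = m.group("path")
        cut = max(path.rfind("/"), path.rfind("\\"))
        findings.append({
            "level": m.group("level"),
            "message": m.group("message"),
            "path": path,
            "line": int(m.group("line")),
            # The directory is the real leak: the application's install root.
            "install_dir": path[:cut] or path[0],
        })
    return findings

def scan(responses: dict) -> dict:
    """Map response label -> findings, keeping only responses that leak a path."""
    return {n: f for n, body in responses.items() if (f := find_path_disclosures(body))}

# Constructed sample responses (not captured from a real DLGuard install).
SAMPLE_RESPONSES = {
    "html_errors_on": "<br />\n<b>Warning</b>:  strlen() expects parameter 1 to be string, "
                      "array given in <b>/var/www/example.com/public_html/index.php</b> on line <b>42</b><br />",
    "plain_text": "Warning: Undefined variable $page in /srv/shop/index.php on line 7\n",
    "windows": "Notice: Undefined index: id in C:\\xampp\\htdocs\\shop\\index.php on line 9",
    "clean": "<html><body>Store front</body></html>",
}

if __name__ == "__main__":
    for name, findings in scan(SAMPLE_RESPONSES).items():
        for f in findings:
            print(f"{name}: {f['level']} leaks {f['install_dir']} ({f['path']}:{f['line']})")
```

In production PHP, display_errors=Off together with log_errors=On keeps such diagnostics in the server log rather than in the response body.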
References: