Multiple vulnerabilities in NConf version 1.3 could allow an unauthenticated, remote attacker to conduct cross-site scripting and SQL injection attacks.
The vulnerabilities are in the handle_item.php
script due to insufficient sanitization of user-supplied input. An attacker could exploit these vulnerabilities by convincing a user to follow a malicious URI with a crafted item
parameter. If successful, the attacker could execute SQL queries or arbitrary script code in the user's browser session. This could allow the attacker to access sensitive information.
Proof-of-concept code that exploits these vulnerabilities is publicly available.
Administrators are advised to implement an intrusion prevention system
(IPS) or intrusion detection system (IDS) to help detect and prevent
attacks that attempt to exploit these vulnerabilities.
For additional information about cross-site scripting attacks and the methods used to exploit these vulnerabilities, see the Cisco Applied Mitigation Bulletin Understanding Cross-Site Scripting (XSS) Threat Vectors
Vendor has not confirmed the vulnerabilities and software updates are not available.