• Software Link:
• Affected Versions:
Version 3.1.1 and probably other versions.
• Vulnerabilities Description:
Input passed via the “fb_user_id” and “tw_user_id” parameters to /signup is not properly sanitised before being used in a SQL query in the /system/controllers/signup.php script. This can be exploited to conduct SQL injection and privilege escalation attacks.
No official solution is currently available.
• Disclosure Timeline:
[06/11/2013] – Vendor notified
[06/11/2013] – Vendor response stating “Please immediately cease and desist all such communications”
[05/12/2013] – Public disclosure
• CVE Reference:
Vulnerabilities discovered by Egidio Romano, Secunia Research.
• Original Advisory: