BID:17898

PHP-Fusion Multiple Local File Include Vulnerabilities

CVE-2006-2330 | CVE-2006-2331 |

Info

PHP-Fusion Multiple Local File Include Vulnerabilities

Bugtraq ID:	17898
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	May 08 2006 12:00AM
Updated:	May 09 2006 10:24PM
Credit:	rgod is credited with the discovery of this vulnerability.
Vulnerable:	PHP-Fusion PHP-Fusion 6.0.204 PHP-Fusion PHP-Fusion 6.0.110 PHP-Fusion PHP-Fusion 6.0.109 PHP-Fusion PHP-Fusion 6.0.107 PHP-Fusion PHP-Fusion 6.0.105 PHP-Fusion PHP-Fusion 6.0 306 PHP-Fusion PHP-Fusion 6.0 304 PHP-Fusion PHP-Fusion 6.0 303 PHP-Fusion PHP-Fusion 6.0 0.3 PHP-Fusion PHP-Fusion 6.0 .206 PHP-Fusion PHP-Fusion 6.0 .106

Not Vulnerable:

Discussion

PHP-Fusion Multiple Local File Include Vulnerabilities

PHP-Fusion is prone to multiple local file-include vulnerabilities. This may allow unauthorized users to view files and to execute local scripts.

An attacker may also be able to execute arbitrary code by way of uploaded avatars.

Exploit / POC

PHP-Fusion Multiple Local File Include Vulnerabilities

This issue can be exploited through a web client.

The following exploit is available:

/data/vulnerabilities/exploits/PHPFusion-6.00.306-lfi.php

Solution / Fix

PHP-Fusion Multiple Local File Include Vulnerabilities

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]

References

PHP-Fusion Multiple Local File Include Vulnerabilities

References:

PHP-Fusion Homepage (PHP-Fusion)
PHPFusion <= v6.00.306 avatar mod_mime arbitrary file upload & local inclusion v (rgod)