Work System ECommerce Forum.PHP Remote File Include Vulnerability

Bugtraq ID:	21580
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Dec 13 2006 12:00AM
Updated:	Dec 14 2006 05:03PM
Credit:	The_Edit0r is credited with the discovery of this vulnerability.
Vulnerable:	WORK system e-commerce WORK system e-commerce 3.0.4 WORK system e-commerce WORK system e-commerce 3.0.3
Not Vulnerable:	WORK system e-commerce WORK system e-commerce 3.0.41

Work System ECommerce Forum.PHP Remote File Include Vulnerability

WORK system e-commerce is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

WORK system e-commerce 3.0.4 and prior versions are vulnerable.

Work System ECommerce Forum.PHP Remote File Include Vulnerability

An attacker can exploit this issue via a web client.

The following exploit is available:

• /data/vulnerabilities/exploits/21580.pl

Work System ECommerce Forum.PHP Remote File Include Vulnerability

Solution:
The vendor has released an update that addresses this issue. Please see the references for more information.


WORK system e-commerce WORK system e-commerce 3.0.3

• WORK system e-commerce worksystem_3_0_41.zip
  http://downloads.sourceforge.net/worksystem/worksystem_3_0_41.zip?modt ime=1165611880&big_mirror=0

WORK system e-commerce WORK system e-commerce 3.0.4

• WORK system e-commerce worksystem_3_0_41.zip
  http://downloads.sourceforge.net/worksystem/worksystem_3_0_41.zip?modt ime=1165611880&big_mirror=0

Work System ECommerce Forum.PHP Remote File Include Vulnerability

References:

• WORK system e-commerce Project Page (WORK system e-commerce)
  
• Re: worksystem => Remote File Include Vulnerability Exploit ([email protected])