Retired: AllMyLinks Index.PHP Remote File Include Vulnerability
BID:21916
Info
Retired: AllMyLinks Index.PHP Remote File Include Vulnerability
| Bugtraq ID: | 21916 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 07 2007 12:00AM |
| Updated: | Jan 25 2007 04:23PM |
| Credit: | GolD_M is credited with the discovery of this vulnerability. |
| Vulnerable: |
AllMyPHP AllMyLinks 0.5 |
| Not Vulnerable: | |
Discussion
Retired: AllMyLinks Index.PHP Remote File Include Vulnerability
AllMyLinks is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.
Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
AllMyLinks 0.5.0 is vulnerable; other versions may also be affected.
NOTE: Further analysis reveals that the reported script is not vulnerable to remote file includes due to security measures present in the script. Therefore this BID is being retired.
AllMyLinks is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.
Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
AllMyLinks 0.5.0 is vulnerable; other versions may also be affected.
NOTE: Further analysis reveals that the reported script is not vulnerable to remote file includes due to security measures present in the script. Therefore this BID is being retired.
Exploit / POC
Retired: AllMyLinks Index.PHP Remote File Include Vulnerability
An attacker can exploit this issue via a web client.
An attacker can exploit this issue via a web client.
Solution / Fix
Retired: AllMyLinks Index.PHP Remote File Include Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
Retired: AllMyLinks Index.PHP Remote File Include Vulnerability
References:
References: