PBLang Login.PHP Local File Include Vulnerability
BID:24340
Info
PBLang Login.PHP Local File Include Vulnerability
| Bugtraq ID: | 24340 |
| Class: | Input Validation Error |
| CVE: |
CVE-2007-3096 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 06 2007 12:00AM |
| Updated: | May 07 2015 05:37PM |
| Credit: | Silentz is credited with the discovery of this vulnerability. |
| Vulnerable: |
PBLang PBLang 4.66 z PBLang PBLang 4.66 PBLang PBLang 4.65 PBLang PBLang 4.63 PBLang PBLang 4.56 (4.5 RC 2) PBLang PBLang 4.6 PBLang PBLang 4.0 PBLang PBLang 4.67.16.a |
| Not Vulnerable: | |
Discussion
PBLang Login.PHP Local File Include Vulnerability
PBLang is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
Exploiting this issue may allow an unauthorized user to view files and execute local scripts.
PBLang 4.67.16.a is vulnerable to this issue; prior versions may also be affected.
PBLang is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
Exploiting this issue may allow an unauthorized user to view files and execute local scripts.
PBLang 4.67.16.a is vulnerable to this issue; prior versions may also be affected.
Exploit / POC
PBLang Login.PHP Local File Include Vulnerability
Attackers can use a browser to exploit this issue.
The following exploit is available:
Attackers can use a browser to exploit this issue.
The following exploit is available:
Solution / Fix
PBLang Login.PHP Local File Include Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].