phpCollab Unauthorized Access and Arbitrary File Upload Vulnerabilities
BID:53675
Info
phpCollab Unauthorized Access and Arbitrary File Upload Vulnerabilities
| Bugtraq ID: | 53675 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 24 2012 12:00AM |
| Updated: | May 24 2012 12:00AM |
| Credit: | team ' and 1=1-- |
| Vulnerable: |
PhpCollab PHPCollab 2.5 |
| Not Vulnerable: | |
Discussion
phpCollab Unauthorized Access and Arbitrary File Upload Vulnerabilities
phpCollab is prone to an unauthorized-access and an arbitrary-file-upload vulnerabilities.
Attackers can leverage these issues to gain unauthorized access to application data and to upload and execute arbitrary code in the context of the application.
phpCollab 2.5 is vulnerable; other versions may also be affected.
phpCollab is prone to an unauthorized-access and an arbitrary-file-upload vulnerabilities.
Attackers can leverage these issues to gain unauthorized access to application data and to upload and execute arbitrary code in the context of the application.
phpCollab 2.5 is vulnerable; other versions may also be affected.
Exploit / POC
phpCollab Unauthorized Access and Arbitrary File Upload Vulnerabilities
Attackers can exploit these issues with a web browser.
The following example data is available:
Attackers can exploit these issues with a web browser.
The following example data is available:
Solution / Fix
phpCollab Unauthorized Access and Arbitrary File Upload Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
phpCollab Unauthorized Access and Arbitrary File Upload Vulnerabilities
References:
References:
- phpCollab Homepage (phpCollab)