Computer Security
[EN] securityvulns.ru

From:r0t <krustevs_(at)_googlemail.com>
Date:28.11.2005
Subject:PHP Doc System 1.5.1 Local file inclusion vuln.

PHP Doc System 1.5.1 Local file inclusion vuln.
Vuln. discovered by: r0t
Date: 27 Nov. 2005
Original advisory: http://pridels.blogspot.com/2005/11/php-doc-system-151-local-file.html
Vendor: http://www.alexking.org/
Affected version: 1.5.1 and prior

Product Description:
A modular PHP system for creating documentation. You create modules
for documentation elements (installation steps, buttons, screens,
etc.) and then refer to them instead of having to copy/paste
information you'd want to have in 2 or more places. For example, you
have an application that has buttons on a toolbar which appears on
several screens. You define each button, define the toolbar and
include the buttons, then define the screens and include the toolbar
which in turn includes the buttons. It can run as dynamic PHP,
including everything on the fly or it can output static HTML that you
can include in your software distribution. Version 1.5 adds a 'related
links' sidebar and a module generator. Offered as Donationware.

Vuln. description:
Input passed to the "show" parameter of "index.php" is not validated
before it is used in a file inclusion. By supplying a path with "../"
sequences an attacker can include arbitrary files from the local
filesystem; because PHP's include executes what it loads, this both
discloses the contents of the included file and runs any PHP code it
contains.

example:
/index.php?show=../File

Solution:
No vendor fix is referenced in the advisory. Edit the source code so
that the "show" parameter is validated before it reaches include():
restrict it to an allow-list of known module names (or, at minimum,
reject any value containing path separators or "..") and fail closed
on anything else.
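As an added illustration, and not code from PHP Doc System (the advisory does not quote the vulnerable source), the following shows the include pattern the advisory describes next to a hardened form. The modules/ directory layout, the ".php" suffix and the function names are assumptions made for this example.

```php
<?php
// Added example, not PHP Doc System code. The modules/ layout, the .php
// suffix and the function names are assumptions for illustration.

// Vulnerable pattern described in the advisory: the "show" parameter is
// concatenated into a path and included without validation, so
// index.php?show=../File escapes the modules directory.
function show_module_vulnerable(string $show): void
{
    include 'modules/' . $show . '.php';
}

// Hardened form: accept only a plain module identifier, then confirm the
// resolved path still lies inside the module directory.
function resolve_module(string $show, string $moduleDir): ?string
{
    // Allow-list of characters: no slashes, dots, NUL bytes or
    // percent-encoded tricks can survive this check.
    if (!preg_match('/^[A-Za-z0-9_-]{1,64}$/', $show)) {
        return null;
    }

    $base = realpath($moduleDir);
    $path = realpath($moduleDir . '/' . $show . '.php');

    // realpath() canonicalises ".." and symlinks and returns false for a
    // missing file; the prefix comparison keeps the result under $base.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

function show_module_safe(string $show, string $moduleDir): void
{
    $path = resolve_module($show, $moduleDir);
    if ($path === null) {
        http_response_code(404);
        echo "Unknown module\n";
        return;
    }
    include $path;
}

// Constructed demonstration values; in the application $show would come
// from $_GET['show']. 'install' is accepted only if modules/install.php
// actually exists; every traversal attempt is rejected by the regex
// before any filesystem access happens.
foreach (['install', '../File', '../../../../etc/passwd', 'a/b', "x\0"] as $show) {
    $verdict = resolve_module($show, __DIR__ . '/modules') !== null ? 'allowed' : 'rejected';
    echo str_replace("\0", '\\0', $show) . " => " . $verdict . "\n";
}
```

The character allow-list is the real control; the realpath() prefix check is a second line of defence in case the allow-list is later loosened. Rejecting NUL bytes matters for PHP versions of that era, where a "%00" in the parameter truncated the path before the appended ".php" suffix was applied.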

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod