|
|
Info |
Last Modified |
| 2 months ago |
|
|
|
|
|
Description |
Docebo contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to multiple scripts not properly sanitizing user input supplied to multiple variables. This may allow an attacker to overwrite global variables to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
|
|
Classification |
Location:
Remote/Network Access Required
Attack Type:
Input Manipulation
Impact:
Loss of Integrity
Exploit:
Exploit Available
OSVDB:
Web Related
|
|
Technical |
This vulnerability is only present when the register_globals PHP option is set to 'on'. This has not been the default setting for PHP installs since version 4.2.0 (22-Apr-2002).
The flawed scripts are reported to include lib.permission.php, lib.pagewriter.php, lib.lang.php, lib.template.php, lib.mimetype.php, lib.simplesel.php, lib.filelist.php, tree.documents.php, lib.repo.php, lib.php, lib.teleskill.php.
The variables which can be exploited are reported to include where_framework, where_scs, where_cms, where_lms, where_upgrade, BBC_LIB_PATH, and BBC_LANGUAGE_PATH.
|
|
Solution |
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.
|
|
Products |
|
Docebo
 |
3.0.3 |
|
|
|
|
|
|
Credit |
- Kacper - kacper1964
 yahoo.pl - DEVIL TEAM
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
