Info
Last Modified: 8 months ago

Description
JAF CMS allows a remote attacker to include arbitrary local files. Input given to the "show" parameter of "config.php" is not properly sanitized before it is referenced to include a file. This vulnerability can be leveraged to include arbitrary files from the local system, resulting in information disclosure in the case of text files and script execution in the case of PHP scripts.

Classification
Location: Remote/Network Access Required
Attack Type: Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified
OSVDB: Web Related

Technical
By specially crafting a URL containing "../" character sequences, an attacker may request inclusion of arbitrary files on the target system, resulting in information disclosure in the case of text files and script execution in the case of PHP scripts.
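As an added illustration (not JAF CMS's own config.php), the unsanitized include lookup described above next to a hardened resolver and a simple access-log check; the base directory, allowed page names and log lines are constructed assumptions.

```python
"""Added example, not JAF CMS code: an include path built straight from a
"show"-style parameter, a hardened resolver, and a log check for the
"../" pattern described in the advisory. All paths and logs are constructed."""
import posixpath
import re
from urllib.parse import unquote

BASE_DIR = "/var/www/jafcms/pages"                      # assumed install location
ALLOWED_PAGES = {"home.php", "news.php", "contact.php"}  # constructed allowlist


def vulnerable_resolve(show: str) -> str:
    """The flaw as described above: the parameter reaches the include path
    without sanitization, so "../" steps walk out of the intended directory."""
    return posixpath.normpath(posixpath.join(BASE_DIR, show))


def safe_resolve(show: str):
    """Hardened: accept only allowlisted page names, then confirm the
    normalized path still sits under BASE_DIR. Returns None to reject."""
    if show not in ALLOWED_PAGES:
        return None
    candidate = posixpath.normpath(posixpath.join(BASE_DIR, show))
    if posixpath.commonpath([BASE_DIR, candidate]) != BASE_DIR:
        return None  # defence in depth; unreachable with the allowlist above
    return candidate


TRAVERSAL = re.compile(r"(^|[/\\])\.\.([/\\]|$)")


def flag_traversal(log_line: str) -> bool:
    """Detection: does the 'show' query value contain a '..' path step after
    URL-decoding (applied twice so double-encoded requests are not missed)?"""
    m = re.search(r"[?&]show=([^\s&]*)", log_line)
    if not m:
        return False
    value = unquote(unquote(m.group(1)))
    return bool(TRAVERSAL.search(value))


# Constructed sample access-log lines (Apache common log format).
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2005:13:55:36 +0000] "GET /config.php?show=news.php HTTP/1.1" 200 512',
    '203.0.113.9 - - [10/Oct/2005:13:56:01 +0000] "GET /config.php?show=..%2F..%2Fsecrets%2Fdb.conf HTTP/1.1" 200 88',
]


def suspicious_requests(lines):
    """Return the log lines whose 'show' value carries a traversal step."""
    return [ln for ln in lines if flag_traversal(ln)]
```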

Solution
Upgrade to the most recent release of version 3.0 RC or later. Previous releases of 3.0 RC are vulnerable. If you are unsure which distribution of 3.0 RC you are using, upgrade.

Products
JAF CMS
- 1.0
- 1.5
- 2.0
- 2.0.5
- 2.1.0
- 2.5
- 3.0 RC

Credit
- y3dips (echo.or.id)