Title: phpunity.newsmanager misc/tell_a_friend/tell.php id Parameter Traversal Arbitrary File Access
Jan 30, 2010
phpunity.newsmanager contains a flaw that allows a remote attacker to traverse outside of a restricted path. The issue is due to the 'misc/tell_a_friend/tell.php' script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'id' parameter. This directory traversal attack would allow the attacker to access arbitrary files.
Remote / Network Access
Loss of Confidentiality