Vulnerability Assessment & Network Security Forums

If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important.  If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery.

Home >> Browse Vulnerability Assessment Database >> CGI abuses >> phpListPro returnpath Remote File Include Vulnerabilities

Vulnerability Assessment Details

phpListPro returnpath Remote File Include Vulnerabilities
Vulnerability Assessment Summary
Checks for file includes in phpListPro's config.php

Detailed Explanation for this Vulnerability Assessment

Summary :

The remote web server contains a PHP application that is affected by
remote file include vulnerabilities.

Description :

The remote host is running phpListPro, a web site voting/ranking tool
written in PHP.

The installed version of phpListPro fails to sanitize user input to
the 'returnpath' parameter of the 'config.php', 'editsite.php',
'addsite.php', and 'in.php' scripts before using it to include PHP
code from other files. An unauthenticated attacker may be able to
read arbitrary local files or include a file from a remote host that
contains commands which will be executed on the remote host subject to
the rights of the web server process.

These flaws are only exploitable if PHP's 'register_globals' is
enabled.

See also :

http://archives.neohapsis.com/archives/bugtraq/2006-04/0206.html
http://archives.neohapsis.com/archives/bugtraq/2006-05/0153.html
http://archives.neohapsis.com/archives/bugtraq/2006-05/0199.html
http://www.smartisoft.com/forum/viewtopic.php?t=3019

Solution :

Edit the affected files as discussed in the vendor advisory above.

Network Security Threat Level:

High / CVSS Base Score : 7.0
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)

Networks Security ID: 17448

Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Josh Zlatin-Amishav
Cables, Connectors


Lenovo ThinkPad X1 Carbon 7th 14

Lenovo ThinkPad X1 Carbon 7th 14" Core i5 8365U 8GB 256GB, Windows 11 Home

$259.99


Lenovo ThinkPad T580 15.6

Lenovo ThinkPad T580 15.6" Core i5 8250U 8GB 256GB, Windows 11 Home

$199.99


LENOVO P520 Workstation W-2135 up to 128GB RAM 4TB SSD Win11P WiFi DVD/RW Gaming picture

LENOVO P520 Workstation W-2135 up to 128GB RAM 4TB SSD Win11P WiFi DVD/RW Gaming

$439.88


Lenovo ThinkPad T480 14

Lenovo ThinkPad T480 14" Touchscreen Laptop i5 256GB NVMe 16GB RAM Win 11 Pro

$249.00


Lenovo - LOQ 15.6

Lenovo - LOQ 15.6" Gaming Laptop FHD - Intel Core i5-13420H with 8GB Memory -...

$629.99


Lenovo 100e Chromebook Laptop 2nd Gen | 11.6

Lenovo 100e Chromebook Laptop 2nd Gen | 11.6" HD | MTK 1.7GHz | 4GB RAM | 32GB

$32.00


Lenovo Ideapad 1i 15.6

Lenovo Ideapad 1i 15.6" FHD Notebook Intel Core i5-1235U 8GB RAM 256GB SSD

$349.99


Lenovo ThinkPad Yoga 11e 11.6

Lenovo ThinkPad Yoga 11e 11.6" 2in1 Touch Intel Core i3 4GB RAM 128GB SSD Win10

$59.00


Notebook Lenovo Slim Pro 9 Laptop, 16

Notebook Lenovo Slim Pro 9 Laptop, 16" Glass, i9-13905H, GB, 1TB SSD

$1051.99


Lenovo ThinkPad 14

Lenovo ThinkPad 14" Laptop Computer Core i7 16GB RAM 256GB SSD Windows 10 Pro

$229.99


Discussions

No Discussions have been posted on this vulnerability.