wishcraft
@XoopsProject Security Vulnerability in imagemanager.php

Luckily this is only applicable if the person has admin access; however, there is a security vulnerability with XOOPS 2.5.0a where the target variable can be injected to change routes around in the file target and place files around the place like PHP files or scripts.

It's not the fact you can simply do imagemanager.php?target=/../../../../../../

but the use of $_REQUEST['target'] is totally insecure. $_REQUEST[] can be overridden with a specially crafted cookie and it overwrites any $_GET or $_POST.

Report: http://www.allinfosec.com/2011/04/23/webapps-0day-xoops-2-5-0-imagemanager-php-lfi-vulnerability-7/

http://www.ohloh.net/accounts/226400

Follow, Like & Read:-

twitter.com/RegaltyFamily
github.com/Chronolabs-Cooperative
facebook.com/DrAntonyRoberts
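The pattern the post describes, shown as an added example that is not XOOPS code and not the poster's: a hypothetical image-manager handler that resolves a "target" directory from request input, first in the form the post criticises (reading it from $_REQUEST and concatenating it into a path) and then in a hardened form that reads only the intended parameter, allow-lists directory names and checks the canonical path stays under the base directory. The names ALLOWED_TARGETS, resolve_target_unsafe and resolve_target_safe are assumptions for illustration; the temp-directory layout is constructed by the script itself.

```php
<?php
// Added example, not XOOPS code. Function and constant names are assumptions.

// The pattern the post describes: $_REQUEST merges GET, POST and COOKIE in the
// order given by php.ini's request_order (or variables_order when unset), so a
// cookie named "target" can supply the value, and "../" is never rejected.
function resolve_target_unsafe(string $base): string
{
    $target = $_REQUEST['target'] ?? '';
    return $base . '/' . $target;
}

// Hardened form: take the parameter from one explicit source (the caller passes
// $_GET or $_POST, never $_REQUEST), accept only known directory names, and
// confirm the canonical path still lies inside $base.
const ALLOWED_TARGETS = ['images', 'thumbs', 'uploads'];

function resolve_target_safe(string $base, array $params): ?string
{
    $target = $params['target'] ?? '';
    if (!in_array($target, ALLOWED_TARGETS, true)) {
        return null; // not an allow-listed directory name
    }
    $baseReal = realpath($base);
    $full = realpath($base . DIRECTORY_SEPARATOR . $target);
    if ($baseReal === false || $full === false) {
        return null; // base or target directory does not exist
    }
    // Defence in depth: even an allow-listed name must resolve under $base.
    if (strpos($full, $baseReal . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $full;
}

// Constructed demo layout in the system temp directory.
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'imgmgr_demo_' . getmypid();
mkdir($base . DIRECTORY_SEPARATOR . 'images', 0700, true);

// Simulate a cookie-supplied value landing in $_REQUEST (what the post warns about).
$_REQUEST['target'] = '/../../../../../../';
echo "unsafe: " . resolve_target_unsafe($base) . PHP_EOL;   // path escapes $base

// Hardened resolver with the same traversal value: rejected.
var_dump(resolve_target_safe($base, ['target' => '/../../../../../../']));

// Hardened resolver with a legitimate name: canonical path under $base.
var_dump(resolve_target_safe($base, ['target' => 'images']));

// Allow-listed name whose directory does not exist yet: also rejected.
var_dump(resolve_target_safe($base, ['target' => 'thumbs']));

// Clean up the constructed layout.
rmdir($base . DIRECTORY_SEPARATOR . 'images');
rmdir($base);
```

Run it with `php example.php`. The first line prints a path containing the raw traversal sequence, while the hardened resolver returns NULL for the traversal value and for the missing "thumbs" directory, and the canonical images directory otherwise. Reading from $_GET or $_POST explicitly removes the cookie-override channel; the allow-list and realpath check are what actually stop the traversal, so a deployment should also confirm its request_order setting rather than rely on the merge order of $_REQUEST.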
