VID | 210104 |
Severity | 30 |
Port | 80, ... |
Protocol | TCP |
Class | CGI |
Detailed Description |
The My_Gallery plugin for the e107 Website System has an information disclosure vulnerability. e107 is a freely available Web content management system written in PHP. My_Gallery is a third-party photo gallery plugin for e107. Version 2.3 of the My_Gallery plugin could allow a remote attacker to download arbitrary files from the affected host, because user-supplied input passed to the 'file' parameter of the 'dload.php' script is not properly validated. By supplying full paths to files, a remote attacker could read arbitrary files on the vulnerable host in the security context of the Web server process.
* References:
  http://archives.neohapsis.com/archives/bugtraq/2008-03/0373.html
  http://secunia.com/advisories/29493
  http://milw0rm.com/exploits/5308
* Platforms Affected: e107, My_Gallery plugin for e107 2.3; any operating system, any version |
Recommendation |
No upgrade or patch available as of May 2008.
Upgrade to a fixed version of My_Gallery plugin for e107, available from the My_Gallery plugin for e107 Web site at http://plugins.e107.org/e107_plugins/psilo/psilo.php?artifact.347 |
Related URL | CVE-2008-1702 (CVE) |
Related URL | 28440 (SecurityFocus) |
Related URL | 41433 (ISS) |