VID | 210107
Severity | 40
Port | 80, ...
Protocol | TCP
Class | CGI
Detailed Description |
PHPAuction GPL version 2.51 is vulnerable to multiple remote file include vulnerabilities, caused by improper validation of user-supplied input passed to the 'include_path' parameter of the 'converter.inc.php', 'messages.inc.php', and 'settings.inc.php' scripts in 'includes/'. If register_globals is enabled, a remote attacker could send a specially crafted URL request to execute arbitrary PHP code and operating system commands on the affected host.
* References:
  - http://milw0rm.com/exploits/3003
  - http://www.frsirt.com/english/advisories/2008/0908
  - http://secunia.com/advisories/29422
* Platforms Affected: John Rayfield PHPAuction GPL version 2.51; any operating system; any version |
Recommendation |
No upgrade or patch available as of May 2008. Upgrade to a fixed version of PHPAuction when one becomes available from the PHPAuction Web site at http://www.phpauction.net/ |
Related URL | CVE-2008-1416 (CVE)
Related URL | 28284 (SecurityFocus)
Related URL | 41239 (ISS)