Korean
<< Back
VID 210107
Severity 40
Port 80, ...
Protocol TCP
Class CGI
Detailed Description The PHPAuction software is vulnerable to multiple remote file include vulnerabilities via the 'include_path' parameter. PHPAuction GPL version 2.51 is vulnerable to multiple remote file include vulnerabilities, caused by improper validation of user-supplied input passed to the 'include_path' parameter of the 'converter.inc.php', 'messages.inc.php', and 'settings.inc.php' scripts in 'includes/'. If the register_globals is enabled, a remote attacker could send a specially-crafted URL request to execute arbitrary PHP code and operating system commands on the affected host.

* References:
http://milw0rm.com/exploits/3003
http://www.frsirt.com/english/advisories/2008/0908
http://secunia.com/advisories/29422

* Platforms Affected:
John Rayfield, PHPAuction GPL version 2.51
Any operating system Any version
Recommendation No upgrade or patch available as of May 2008.

Upgrade to a fixed version of PHPAuction, when new fixed version becomes available from the PHPAuction Web site at http://www.phpauction.net/
Related URL CVE-2008-1416 (CVE)
Related URL 28284 (SecurityFocus)
Related URL 41239 (ISS)