| VID |
21767 |
| Severity |
40 |
| Port |
80, … |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
RunCMS / E-Xoops, according to its version number, has a remote arbitrary file upload vulnerability. RunCMS / E-Xoops is a freely available community management system written in PHP, developed from XOOPS. RunCMS version 1.1A and earlier, and possibly other products based on E-Xoops, allow arbitrary files to be uploaded because of an input validation error in the file upload function. If the 'Allow custom avatar upload' option is enabled, a remote attacker could exploit this vulnerability to upload arbitrary files and gain unauthorized access in the context of the Web server.
* Note: This check relies solely on the version number of RunCMS / E-Xoops reported by the remote Web server, so it may be a false positive (for example, where the patch was applied without the version string changing, or where custom avatar upload is already disabled).
* References: http://www.securityfocus.com/archive/1/395097 ; http://secunia.com/advisories/14869/
* Platforms Affected: E-Xoops version 1.05r3; RunCMS version 1.1A and earlier versions; any operating system, any version |
| Recommendation |
Set the 'Allow custom avatar upload' option to 'No' in 'Custom avatar settings'.
-- OR --
Apply the patch for this vulnerability, available from the RunCMS Web site at http://www.runcms.org/modules/mydownloads/singlefile.php?lid=219 |
| Related URL |
CVE-2005-1031 (CVE) |
| Related URL |
13027 (SecurityFocus) |
| Related URL |
20001 (ISS) |