VID: 21834
Severity: 40
Port: 80, ...
Protocol: TCP
Class: CGI

Detailed Description:
RunCMS is vulnerable to multiple remote file include vulnerabilities. RunCMS / E-Xoops is a freely available community management system written in PHP and derived from XOOPS. RunCMS version 1.2 and earlier could allow a remote attacker to include malicious files, because user-supplied input passed to the bbPath[path] parameter of the class.forumposts.php script and to the xoopsConfig[language] parameter of the forumpollrenderer.php script is not properly filtered before being used in an include. These vulnerabilities could permit a remote attacker to execute arbitrary PHP code and operating system commands on the affected system in the security context of the Web server process. Successful exploitation requires that PHP's 'register_globals' setting be enabled, since that setting is what lets a request parameter populate the variables used in the include path.

References:
- http://www.runcms.org/public/modules/news/
- http://archives.neohapsis.com/archives/bugtraq/2006-02/0153.html
- http://secunia.com/advisories/18800/
- http://retrogod.altervista.org/runcms_13a_xpl.html

Platforms Affected: RunCMS version 1.2 and earlier versions; any operating system; any version

Recommendation:
Upgrade to the latest version of RunCMS (1.3a or later), available from the RunCMS Web site at http://www.runcms.org/modules/news/

Related URL: CVE-2006-0659 (CVE)
Related URL: (SecurityFocus)
Related URL: 24662 (ISS)