| VID |
21867 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The Simple PHP Blog is vulnerable to a local file include vulnerability via the 'install05.php' script. Simple PHP Blog is a freely available, open source Web blog written in PHP. Simple PHP Blog version 0.4.7.1 and earlier versions could allow a remote attacker to include and execute arbitrary local files via directory traversal sequences and a NULL (%00) character in the 'blog_language' parameter of the 'install05.php' script. If the magic_quotes_gpc setting is disabled, a remote attacker could exploit this flaw to view arbitrary files and possibly to execute arbitrary local files on the affected host.
* References:
http://www.milw0rm.com/exploits/1581
http://secunia.com/advisories/19270/
* Platforms Affected:
Simple PHP Blog version 0.4.7.1 and earlier versions
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of Simple PHP Blog (0.4.7.2 or later), available from the Simple PHP Blog Web site at http://www.simplephpblog.com/ |
| Related URL |
CVE-2006-1243 (CVE) |
| Related URL |
17102 (SecurityFocus) |
| Related URL |
25322 (ISS) |
|
