BNLug - PHPMyInventory Global Inc PHP Remote File Include Vulnerability

PHPMyInventory Global.Inc.PHP Remote File Include Vulnerability

TITLE: PHPMyInventory Global.Inc.PHP Remote File Include Vulnerability
CLASS: Input Validation Error
CVE:
REMOTE: Yes
LOCAL: No
PUBLISHED: Jun 16 2007 12:00AM
UPDATE: Jun 18 2007 04:59PM
CREDIT: o0xxdark0o is credited with the discovery of this vulnerability.
VULNERABLE:

phpMyInventory phpMyInventory 2.8

NOT VULNERABLE:

phpMyInventory phpMyInventory 2.8.1

Vai alla pagina originale su Security Focus

Discussion

phpMyInventory is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

This issue affects phpMyInventory 2.8; earlier versions may also be vulnerable.

Exploit

Attackers can use a browser to exploit this issue.

The following proof-of-concept URI is available:

http://www.example.com/pmi_v28/Includes/global.inc.php?strIncludePrefix=Shell.txt?

Solution

Solution:
This issue has been addressed in phpMyInventory 2.8.1.

phpMyInventory phpMyInventory 2.8

phpMyInventory pmi281.zip
http://downloads.sourceforge.net/phpmyinventory/pmi281.zip

References

References:

phpMyInventory Sourceforge Page (phpMyInventory)

PHPMyInventory Global.Inc.PHP Remote File Include Vulnerability

Discussion

Exploit

Solution

References

PhpLog

BNLug Benevento Linux Users Group

Menu Principale

Staff

Partner

Link