CVE-2006-0713 Information
Description
Directory traversal vulnerability in LinPHA 1.0 allows remote attackers to include arbitrary files via .. (dot dot) sequences in the (1) lang parameter in docs/index.php and the language parameter in (2) install/install.php (3) install/sec_stage_install.php (4) install/third_stage_install.php and (5) install/forth_stage_install.php. NOTE: direct static code injection is resultant from this issue as demonstrated by inserting PHP code into the username which is inserted into linpha.log which is accessible from the directory traversal.
Reference
http://retrogod.altervista.org/linpha_10_local.html http://secunia.com/advisories/18808 http://securityreason.com/securityalert/426 http://www.securityfocus.com/archive/1/424729/100/0/threaded http://www.securityfocus.com/bid/16592 http://www.vupen.com/english/advisories/2006/0535 https://exchange.xforce.ibmcloud.com/vulnerabilities/24663
Share on: