Family: CGI abuses --> Category: attack
Limbo CMS Itemid Arbitrary Code Execution Vulnerability Scan
Vulnerability Scan Summary
Injects arbitrary PHP code via Itemid parameter in Limbo CMS
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP application that is affected by
an arbitrary code execution vulnerability.
The remote host is running Limbo CMS, a content-management system
written in PHP.
The installed version of Limbo fails to sanitize input to the 'Itemid'
parameter before using it as part of a search string in an 'eval()'
statement in the 'classes/adodbt/read_table.php' script. Regardless
of PHP's 'register_globals' and 'magic_quotes_gpc' settings, an
unauthenticated attacker can leverage this issue to execute arbitrary
PHP code on the remote host subject to the rights of the web
server user id.
See also :
Apply the Limbo security patch update from 2006-03-09.
High / CVSS Base Score: 7