|
Family: CGI abuses --> Category: attack
osCommerce readme_file Parameter File Disclosure Vulnerability Vulnerability Scan
Vulnerability Scan Summary Tries to read a file with osCommerce
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote web server contains a PHP script that is affected by a
file disclosure vulnerability.
Description :
The remote host is running osCommerce, an open-source e-commerce
system.
The osCommerce installation on the remote host has a supplementary
script, 'extras/update.php', that fails to validate user-supplied
input to the 'readme_file' parameter before using that to display a
file. A possible hacker can exploit this flaw to read arbitrary files on
the remote host, such as the '.htaccess' file used to protect the
admin directory.
See also :
http://www.oscommerce.com/community/bugs,2835
Solution :
Remove the 'extras/update.php' script.
Threat Level:
Medium / CVSS Base Score : 4
(AV:R/AC:L/Au:NR/C:P/A:N/I:N/B:C)
Click HERE for more information and discussions on this network vulnerability scan.
|