ClanSphere 2007.4.4 - 'install.php' Local File Include Vulnerability

ID EDB-ID:31067
Type exploitdb
Reporter p4imi0
Modified 2008-01-28T00:00:00


ClanSphere 2007.4.4 'install.php' Local File Include Vulnerability. CVE- 2008-0489. Webapps exploit for php platform


ClanSphere is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability using directory-traversal strings to access potentially sensitive information that may aid in further attacks.

ClanSphere 2007.4.4 is vulnerable to this issue; other versions may also be affected.