Shopweezle index.php url Variable Local File Inclusion

2006-04-09T09:02:39
ID OSVDB:24474
Type osvdb
Reporter r0t(krustevs@googlemail.com)
Modified 2006-04-09T09:02:39

Description

Vulnerability Description

Shopweezle contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to index.php not properly sanitizing user input supplied to the 'url' variable. This may allow an attacker to read arbitrary local files, or to include local files containing arbitrary code that the vulnerable script will then execute.

Solution Description

Upgrade to version 2.0.16 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
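As an added illustration, and not Shopweezle's own code (which this record does not reproduce): a hypothetical PHP index.php that passes the 'url' parameter straight to include(), beside a hardened version that maps the parameter through an allowlist and confirms the resolved path stays inside the pages directory. PAGE_MAP, resolve_page, the page names and the directory layout are assumptions.

```php
<?php
// Added example, not Shopweezle's code: a hypothetical reconstruction of the
// flaw class described above, next to a hardened version.

// VULNERABLE pattern: the request parameter is used directly as an include path.
// A traversal sequence, or the path of any attacker-influenced local file
// (an upload, a log file), would be read or executed by the script.
function render_page_vulnerable(array $get): void
{
    include $get['url'];
}

// HARDENED: only a fixed set of page keys is accepted; the key is mapped to a
// file in a known directory, and realpath() confirms the resolved file cannot
// escape that directory (this also covers symlinks).
const PAGE_MAP = [
    'home'    => 'home.php',
    'catalog' => 'catalog.php',
    'cart'    => 'cart.php',
];

function resolve_page(string $url, string $pagesDir): ?string
{
    if (!array_key_exists($url, PAGE_MAP)) {
        return null;                 // unknown key: reject, never echo it back
    }
    $base = realpath($pagesDir);
    $path = realpath($pagesDir . DIRECTORY_SEPARATOR . PAGE_MAP[$url]);
    if ($base === false || $path === false) {
        return null;                 // directory or page file does not exist
    }
    // The resolved file must live strictly under the pages directory.
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

function render_page_hardened(array $get, string $pagesDir): void
{
    $page = resolve_page($get['url'] ?? 'home', $pagesDir);
    if ($page === null) {
        http_response_code(404);
        echo 'Unknown page';
        return;
    }
    include $page;
}
```

The allowlist is the essential control; the realpath check is defence in depth against mistakes in PAGE_MAP itself.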


References:

Vendor URL: http://shopweezle.de/
Secunia Advisory ID: 19593
Related OSVDB ID: 24472
Related OSVDB ID: 24473
Related OSVDB ID: 24470
Related OSVDB ID: 24471
Other Advisory URL: http://pridels.blogspot.com/2006/04/shopweezle-20-multiple-vuln.html
CVE ID: CVE-2006-1707
Bugtraq ID: 17441