Advanced Poll comments.php Multiple Variable Arbitrary PHP Code Injection

2003-10-25T09:13:47
ID OSVDB:2743
Type osvdb
Reporter OSVDB
Modified 2003-10-25T09:13:47

Description

Vulnerability Description

The PHP web application, Advanced Poll, contains a flaw that may allow a malicious user to inject and execute PHP code. The issue is triggered when a request is submitted that contains a hostile value in the 'id', 'template_set', or 'action' parameters. It is possible that the flaw may allow an unauthorized remote user to access internal variables and execute arbitrary system commands.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

References:

Vendor URL: http://www.proxy2.de/scripts.php
Secunia Advisory ID: 10068
Related OSVDB ID: 3291
Related OSVDB ID: 3292
Other Advisory URL: http://packetstormsecurity.nl/0310-exploits/php.advanced.poll.txt
Other Advisory URL: http://www.phpsecure.info/v2/tutos/frog/AdvancedPoll2.0.2.txt
Other Advisory URL: http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0019.html
Nessus Plugin ID: 11487
Mail List Post: http://attrition.org/pipermail/vim/2006-October/001080.html
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-10/0109.html
ISS X-Force ID: 13513
CVE-2003-1178
Bugtraq ID: 8890