Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

manpage.txt

🗓️ 11 Jan 2004 00:00:00Reported by Cabezon AurelienType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 40 Views

PHP class vulnerable to directory transversal bug, exposing files via user input. Upgrade recommended.

Code
`Hi ppl,  
  
_Manpage Lookup_ is a PHP class that helps you to build a "manpage"  
frontend in php. It is powered by Andy (http://php.amnuts.com).  
  
The script _class.manpagelookup.php_ was vulnerable to a directory  
transversal bug (because of leaks is input validation) that could lead  
to disclose any readable (by the httpd process id) files on the remote  
server.  
  
The problem was located in the function buildManPage(), the $cmd  
variable was not filtered enough and the path of any file to open could  
be given across the user input.  
  
Exploiting this issue was easy:   
http://www.foo.com/manpage/index.php?command=/etc/resolv.conf  
  
The vulnerability has now been fixed by Andy. All people who are running  
this script should upgrade asap (http://php.amnuts.com).  
  
Best regards,  
  
--  
Cabezon Aurélien <[email protected]>  
iSECURELABS.COM - http://www.isecurelabs.com  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
11 Jan 2004 00:00Current
7.4High risk
Vulners AI Score7.4
php classdirectory transversalinput validationvulnerabilityfile disclosureupgrade recommended
40