3 matches found
Clearsite 'header.php' Remote File Include Vulnerability
Clearsite is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. OpenVAS Vulnerability Test $Id:...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in ClearSite Beta 4.50, and possibly other versions, allow remote attackers to execute arbitrary PHP code via a URL in the csbasepath parameter to 1 docs.php and 2 include/admin/deviceadmin.php. NOTE: the header.php vector is already covered by...
CVE-2009-3306
CVE-2009-3306 is tied to ClearSite 4.50 and involves a remote file inclusion (RFI) in include/header.php. The underlying issue is unsanitized user input via the cs_base_path parameter, allowing an attacker to cause arbitrary PHP code execution. OpenVAS entries corroborate a header.php RFI vector ...