Nukestyles.com viewpage.php Addon for PHP-Nuke File Parameter Traversal Arbitrary File Access

high Nessus Plugin ID 11472

Synopsis

It is possible to access arbitrary files from the remote system.

Description

viewpage.php (part of Nukestyles.com addon for PHP-Nuke) does not filter user-supplied input.

As a result, an attacker may use it to read arbitrary files on the remote host by supplying a bogus value to the 'file' parameter of this CGI.

Solution

Do not use PHP-Nuke.

Plugin Details

Severity: High

ID: 11472

File Name: viewpage_file_reading.nasl

Version: 1.23

Type: remote

Family: CGI abuses

Published: 3/25/2003

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Information

CPE: cpe:/a:phpnuke:nukestyles_viewpage_module

Required KB Items: www/PHP

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Reference Information

CVE: CVE-2003-1545

BID: 7191

CWE: 22