Atomic Photo Album apa_phpinclude.inc.php apa_module_basedir Parameter Remote File Inclusion

High

Synopsis

The remote host is vulnerable to a Script Injection attack.

Description

The remote host is running Atomic Photo Album, a free PHP-based photo gallery. The installed version of Atomic Photo Album allows remote attackers to control the 'apa_module_basedir' variable used when including PHP code in the 'apa_phpinclude.inc.php' script. By leveraging this flaw, an attacker may be able to view arbitrary files on the remote host and execute arbitrary PHP code, possibly taken from third-party hosts.
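The pattern the description refers to, as an added illustration that is not Atomic Photo Album's own code: a request parameter ends up as the prefix of an include() path, so a remote URL or a traversal string is accepted. Beside it is one way to harden such an include. The module names, directory layout and file names below are assumptions, not taken from the product.

```php
<?php
// Added example (not the project's code). Reconstructs the include pattern the
// advisory describes and shows a hardened alternative. Names are assumptions.

// --- Pattern the advisory describes ---
// With register_globals on, a request parameter becomes a PHP variable; an
// unvalidated prefix is then handed to include(). If allow_url_fopen (and, on
// PHP >= 5.2, allow_url_include) is on, a remote URL is fetched and executed.
function load_module_unsafe(array $request)
{
    $apa_module_basedir = $request['apa_module_basedir']; // attacker-controlled
    include $apa_module_basedir . '/module.inc.php';      // hypothetical file name
}

// --- Hardened alternative ---
// The base directory is fixed at deploy time and never read from the request;
// the module name is checked against an allowlist, and the resolved path is
// confirmed to stay under the base directory.
function load_module_safe(string $module)
{
    $base = realpath(__DIR__ . '/modules');              // assumed layout
    $allowed = ['gallery', 'thumbs', 'admin'];            // assumed module list
    if ($base === false || !in_array($module, $allowed, true)) {
        return false;
    }
    $path = realpath($base . '/' . $module . '.inc.php');
    // realpath() resolves "../" and symlinks; require the result to remain under $base.
    if ($path === false || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return false;
    }
    include $path;
    return $path;
}

// Defensive check usable in a request filter or log review: does a candidate
// value look like a remote-include or traversal attempt rather than a plain name?
function looks_like_include_abuse(string $value): bool
{
    // A stream scheme (http://, ftp://, php://, data:, ...) or parent traversal.
    if (preg_match('#^[a-z][a-z0-9+.-]*:#i', $value)) {
        return true;
    }
    return strpos($value, '..') !== false || strpos($value, "\0") !== false;
}

// Constructed inputs (not real traffic) for a quick self-check.
$samples = [
    'gallery'                       => false,
    'http://attacker.invalid/x.txt' => true,   // placeholder host
    '../../../etc/passwd'           => true,
    "php://input"                   => true,
];
foreach ($samples as $input => $expected) {
    assert(looks_like_include_abuse($input) === $expected);
}
echo "checks passed\n";
```

Two configuration points go with the hardened code: setting `allow_url_fopen = Off` and `allow_url_include = Off` in php.ini keeps include() from reaching remote hosts at all, and `register_globals` should be off so request parameters never become variables implicitly. Note that `magic_quotes_gpc` (named in the Solution below) only escapes quotes and was removed in PHP 5.4; input validation as above is the durable fix.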

Solution

Enable PHP's 'magic_quotes_gpc' setting and disable 'allow_url_fopen'.