Simple PHP Blog comments.php Traversal Arbitrary File Access

high Nessus Plugin ID 16137

Language:

Synopsis

It is possible to access arbitrary files from the remote system.

Description

The remote version of Simple PHP Blog allows for retrieval of arbitrary files from the web server. These issues are due to a failure of the application to properly sanitize user-supplied input data.

Solution

Upgrade at least to version 0.3.7 r2.

Plugin Details

Severity: High

ID: 16137

File Name: sphpblog_dir_traversal.nasl

Version: 1.21

Type: remote

Family: CGI abuses

Published: 1/12/2005

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Information

CPE: cpe:/a:alexander_palmo:simple_php_blog

Required KB Items: www/sphpblog

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Ease: No exploit is required

Vulnerability Publication Date: 1/7/2005

Reference Information

CVE: CVE-2005-0214

BID: 12193

Detections

Analytics