
W-Agora < 4.2.1 index.php site Parameter Traversal Arbitrary File Access

Medium

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The remote host is running W-Agora, a web-based forum management software written in PHP. This version of W-Agora is vulnerable to a flaw in the way it handles the 'site' parameter of the index.php script: the parameter is used to build a filesystem path without being restricted to the web root, so an attacker can supply a directory outside of it. Successful exploitation would allow a remote attacker to read potentially confidential files outside of the web root (such as /etc/passwd or similar). In addition, the software is vulnerable to several other remote cross-site scripting (XSS) and script injection flaws. Finally, the application is vulnerable to multiple 'file include' flaws. An attacker exploiting one of these flaws would be able to execute arbitrary PHP code on the W-Agora system; the executed code would run with the permissions of the web server process.
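The traversal described above leaves a recognisable trace in web server access logs. The following Python script is an added example, not part of this advisory or of W-Agora itself: it scans constructed access-log lines for requests to index.php whose 'site' parameter is anything other than a plain directory name, decoding repeated percent-encoding first so that encoded variants are not missed. The log lines, hostnames and IP addresses are made up for the example.

```python
"""Flag index.php requests whose 'site' parameter is not a plain directory name.
Added illustration; the sample log lines and addresses below are constructed."""
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed Apache combined-format lines (hypothetical clients and paths).
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2024:10:00:01 +0000] "GET /forum/index.php?site=default HTTP/1.1" 200 5120
10.0.0.6 - - [01/Jan/2024:10:00:02 +0000] "GET /forum/index.php?site=../../../../etc/passwd HTTP/1.1" 200 1320
10.0.0.7 - - [01/Jan/2024:10:00:03 +0000] "GET /forum/index.php?site=%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.1" 200 1320
10.0.0.8 - - [01/Jan/2024:10:00:04 +0000] "GET /forum/index.php?site=%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 1320
10.0.0.9 - - [01/Jan/2024:10:00:05 +0000] "GET /forum/index.php?site=/etc/passwd HTTP/1.1" 200 1320
10.0.0.10 - - [01/Jan/2024:10:00:06 +0000] "GET /forum/viewforum.php?id=3 HTTP/1.1" 200 880
"""

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding so that %252e%252e is seen as '..'."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_safe_site(value):
    """Allow-list check: a site name is one path component with no separators."""
    return re.fullmatch(r"[A-Za-z0-9_-]+", value) is not None


def find_traversal_attempts(log_text):
    """Return (client_ip, decoded_site) for every index.php request whose
    'site' value fails the allow-list, i.e. could escape the intended directory."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if not match:
            continue
        parts = urlsplit(match.group("target"))
        if not parts.path.endswith("/index.php"):
            continue
        client_ip = line.split(" ", 1)[0]
        # parse_qs decodes one layer; fully_decode strips any further layers.
        for raw in parse_qs(parts.query).get("site", []):
            site = fully_decode(raw)
            if not is_safe_site(site):
                hits.append((client_ip, site))
    return hits


if __name__ == "__main__":
    for ip, site in find_traversal_attempts(SAMPLE_LOG):
        print(f"{ip} requested index.php with unsafe site={site!r}")
```

The same allow-list used in `is_safe_site` is what the application itself should enforce before turning the parameter into a path, which is why upgrading to a fixed version is the actual remedy and the log scan is only a way to spot attempts against unpatched hosts.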

Solution

Upgrade to version 4.2.1 or higher.