Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Blueshoes GoogleSearch.php APP[path][lib] Parameter Remote File Inclusion



The remote host is vulnerable to a file-include injection flaw.


The remote host is running the Blueshoes framework, a PHP framework for creating web applications. This version of Blueshoes is vulnerable to a flaw in the GoogleSearch.php script. An attacker exploiting this flaw would be able to execute arbitrary PHP code on the target server. Successful exploitation would give the attacker the same rights as the web process.


No solution is known at this time.