
OneOrZero Helpdesk tinfo.php Arbitrary File Upload



The remote web server contains a PHP application that is affected by an arbitrary file upload vulnerability.


The remote host is running OneOrZero Helpdesk, a web-based helpdesk application written in PHP. The version of OneOrZero Helpdesk installed on the remote host allows uploads of arbitrary files via the 'tinfo.php' script provided the 'send_email' POST parameter is set. By uploading a file containing arbitrary PHP code, an unauthenticated remote attacker can likely leverage this issue to execute code subject to the privileges of the web server user ID. In addition, the 'login.php' script mishandles the 'default_language' parameter, which an attacker could use to view or execute arbitrary local files. Note that successful exploitation of the upload issue requires that 'Task Attachments' be enabled, which is the default; if 'Task Attachments' has been disabled, the host is not vulnerable to this flaw. Further, note that a SQL injection issue involving the Content_Type of uploaded files is also reported to affect this version of OneOrZero Helpdesk.
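Until the attachment feature is disabled or the application is upgraded, the two request vectors named above are visible in the web server's access log. The following script is an added example (not part of this plugin and not OneOrZero code) that scans Apache combined-format log lines for POSTs to tinfo.php and for login.php requests whose default_language value is not a plain language name. The log lines, IP addresses and the /helpdesk/ path prefix are constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in Apache "combined" format; hosts and paths are
# placeholders, not data from any real OneOrZero deployment.
SAMPLE_LOG = """\
203.0.113.5 - - [10/May/2024:12:00:01 +0000] "POST /helpdesk/tinfo.php HTTP/1.1" 200 512 "-" "curl/8.0"
203.0.113.5 - - [10/May/2024:12:00:02 +0000] "GET /helpdesk/login.php?default_language=..%2F..%2Fplaceholder-file HTTP/1.1" 200 1024 "-" "curl/8.0"
198.51.100.7 - - [10/May/2024:12:00:03 +0000] "GET /helpdesk/login.php?default_language=english HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.7 - - [10/May/2024:12:00:04 +0000] "GET /helpdesk/index.php HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
"""

# Client address, timestamp, request line and status code of a combined-format entry.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# A language name as a helpdesk would use it: letters, digits, '_' or '-'.
# Anything else (path separators, dots, control bytes) is treated as suspicious,
# so this is an allowlist check rather than a list of known bad strings.
LANG_OK_RE = re.compile(r'^[A-Za-z0-9_-]+$')


def parse_line(line):
    """Return a dict with ip, ts, method, path, query and status, or None if unparsable."""
    m = LOG_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group('target'))
    return {
        'ip': m.group('ip'),
        'ts': m.group('ts'),
        'method': m.group('method'),
        'path': parts.path,
        'query': parse_qs(parts.query, keep_blank_values=True),  # values are URL-decoded here
        'status': int(m.group('status')),
    }


def classify(entry):
    """Return a short reason if the request matches one of the advisory's two vectors, else None."""
    script = entry['path'].rsplit('/', 1)[-1].lower()
    if script == 'tinfo.php' and entry['method'] == 'POST':
        # The upload is triggered by a POST with 'send_email' set; the body is not in
        # the access log, so every POST to tinfo.php is reported for manual review.
        return 'POST to tinfo.php (possible attachment upload)'
    if script == 'login.php':
        for value in entry['query'].get('default_language', []):
            if not LANG_OK_RE.match(value):
                return 'login.php default_language is not a plain language name: %r' % value
    return None


def scan_log(text):
    """Run classify() over every line of an access log and collect the findings."""
    findings = []
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        reason = classify(entry)
        if reason:
            findings.append({'ip': entry['ip'], 'ts': entry['ts'], 'reason': reason})
    return findings


if __name__ == '__main__':
    for f in scan_log(SAMPLE_LOG):
        print(f['ts'], f['ip'], f['reason'])
```

Because the access log does not record POST bodies, the script reports every POST to tinfo.php rather than only those carrying 'send_email'; on a helpdesk where attachments are legitimately used, correlate the hits with the attachment directory or the application's own logs before treating them as incidents. The default_language check deliberately allowlists well-formed language names instead of matching traversal patterns, so it also catches encoded or unusual variants.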


Log into the application's control panel as the administrator and disable 'Task Attachments' (under 'OneOrZero Settings'). When released, upgrade to version or higher.