CVE-2007-1801

Name of the Vulnerable Software and Affected Versions: sBLOG version 0.7.3 Beta

Description: The issue allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the conf lang default parameter. This can be demonstrated by injecting PHP sequences into an Apache HTTP Server log file, which is then included by inc/lang.php.

Recommendations: For sBLOG version 0.7.3 Beta, consider restricting access to the inc/lang.php file and avoid using the conf lang default parameter until a patch is available. As a temporary workaround, restrict the ability to inject PHP sequences into log files to minimize the risk of exploitation.