plugins/maps/db_handler.php in LinPHA 1.3.3 and earlier does not require authentication for a settings action that modifies the configuration file, which allows remote attackers to conduct directory traversal attacks and execute arbitrary local files by placing directory traversal sequences into the maps_type configuration setting, and then sending a request to maps_view.php, which causes plugins/maps/map.main.class.php to use the modified configuration.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2008-04-16T19:00:00
Updated: 2024-08-07T08:40:59.408Z
Reserved: 2008-04-16T00:00:00
Link: CVE-2008-1856
Vulnrichment
No data.
NVD
Status : Modified
Published: 2008-04-16T19:05:00.000
Modified: 2017-09-29T01:30:53.507
Link: CVE-2008-1856
Redhat
No data.