SecuriTeam - phpWebFileManager Directory Traversal Vulnerability

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam
Beyond Security

SecuriTeam Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

Black Box Testing
Vulnerability Assessment
Vulnerability Scanner

	SecuriTeam in Your Inbox

	E-mail this article to a friend

New vulnerability?
New tool?
Tell us

phpWebFileManager is "a standard Web File Manager written in PHP4". A directory traversal vulnerability in the product allows remote attackers to view files and directories that reside outside the bounding HTML root directory.

Credit:
The information has been provided by r00t.

Protect your website!
Use an External Vulnerability Scanner!
Nothing to install. First report in 1 hour!
www.beyondsecurity.com/vulnerability-scanner

Vulnerable systems:
* phpWebFileManager version 2.0.0

Immune systems:
* phpWebFileManager version 2.0.2

Example:
By requesting such a URL as: http://www.site.com/phpwebfilemgr/index.php?f=../../../ it is possible to traverse into directories that reside outside the bound HTML root directory.

	PHP dba_replace() Arbitrary File Destruction
	VLC Media Player RealText Processing Stack Overflow Vulnerability
	LibSPF2 DNS TXT Record Parsing Bug
	GNU Enscript "setfilename" Special Escape Buffer Overflow
	File-Find-Object Format String Vulnerability
	Veritas Storage Foundation Arbitrary File Read Vulnerability
	Sun Solstice AdminSuite sadmind adm_build_path() Buffer Overflow Vulnerability
	Apache Tomcat Information Disclosure (RemoteFilterValve)
	Apple CUPS HP-GL/2 filter Code Execution Vulnerability
	WordPress MU wpmu-Blogs.php Crose Site Scrpting Vulnerability
	strongSwan IKEv2 Denial of Service Vulnerability
	Cross-Site Scripting Filter Evasion in Various Frameworks / Applications
	MySQL Charset Truncation Vulnerability
	Wordpress user_login Column SQL Truncation Vulnerability
	Joomla Weak Random Password Reset Token Vulnerability