Detections
Analytics
SQLiteManager SQLiteManager_currentTheme Cookie Traversal Local File Inclusion
medium Nessus Plugin ID 24726
Language:
Synopsis
The remote web server contains a PHP script that is susceptible to a local file include attack.Description
The remote host is running SQLiteManager, a web-based application for managing SQLite databases.The version of SQLiteManager installed on the remote host fails to sanitize user input to the 'SQLiteManager_currentTheme' cookie before using it to include PHP code in 'include/config.inc.php'. An unauthenticated, remote attacker may be able to exploit this issue to view arbitrary files or to execute arbitrary PHP code on the remote host, subject to the privileges of the web server user id.
Solution
Unknown at this time.See Also
https://www.securityfocus.com/archive/1/461304/30/0/threaded
Plugin Details
Severity: Medium
ID: 24726
File Name: sqlitemanager_currenttheme_file_include.nasl
Version: 1.19
Type: remote
Family: CGI abuses
Published: 2/27/2007
Updated: 4/11/2022
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Medium
Base Score: 5.1
Temporal Score: 4.4
Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P
Vulnerability Information
Required KB Items: www/PHP
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Ease: No exploit is required
Vulnerability Publication Date: 2/24/2007
Exploitable With
CANVAS (D2ExploitPack)
Elliot (SQLiteManager 1.2.0 LFI)
Reference Information
CVE: CVE-2007-1232
BID: 22727