logo Home

Untitled Document
Security Corporation Security Advisories


Untitled Document .: Path Disclosure Vulnerability in XOOPS :.

________________________________________________________________________

Security Corporation Security Advisory [SCSA-011]
________________________________________________________________________

PROGRAM: XOOPS
HOMEPAGE: http://www.xoops.org/
VULNERABLE VERSIONS: v2.0 (and prior ?)
________________________________________________________________________

DESCRIPTION
________________________________________________________________________

XOOPS is "a dynamic OO (Object Oriented) based open source portal script written in
PHP. XOOPS is the ideal tool for developing small to large dynamic community websites,
intra company portals, corporate portals, weblogs and much more."

(direct quote from XOOPS website)


DETAILS & EXPLOITS
________________________________________________________________________

¤ Details Path Disclosure :

A vulnerability have been found in XOOPS which allow attackers to determine
the physical path of the application.

This vulnerability would allow a remote user to determine the full path to the web root
directory and other potentially sensitive information. This vulnerability can be triggered
by a remote user submitting a specially crafted HTTP request including invalid input to
the "$xoopsOption" variable.

¤ Exploits Path Disclosure :

http://[target]/index.php?xoopsOption=any_word

Affected files:

admin.php
edituser.php
footer.php
header.php
image.php
lostpass.php
pmlite.php
readpmsg.php
register.php
search.php
user.php
userinfo.php
viewpmsg.php
class/xoopsblock.php
modules/contact/index.php
modules/mydownloads/index.php
modules/mydownloads/brokenfile.php
modules/mydownloads/modfile.php
modules/mydownloads/ratefile.php
modules/mydownloads/singlefile.php
modules/mydownloads/submit.php
modules/mydownloads/topten.php
modules/mydownloads/viewcat.php
modules/mylinks/brokenlink.php
modules/mylinks/index.php
modules/mylinks/modlink.php
modules/mylinks/ratelink.php
modules/mylinks/singlelink.php
modules/mylinks/submit.php
modules/mylinks/topten.php
modules/mylinks/viewcat.php
modules/newbb/index.php
modules/newbb/search.php
modules/newbb/viewforum.php
modules/newbb/viewtopic.php
modules/news/archive.php
modules/news/article.php
modules/news/index.php
modules/sections/index.php
modules/system/admin.php
modules/xoopsfaq/index.php
modules/xoopsheadlines/index.php
modules/xoopsmembers/index.php
modules/xoopspartners/index.php
modules/xoopspartners/join.php
modules/xoopspoll/index.php
modules/xoopspoll/pollresults.php

SOLUTIONS
________________________________________________________________________

No solution for the moment.


VENDOR STATUS
________________________________________________________________________

The vendor has reportedly been notified.


LINKS
________________________________________________________________________

En Français : http://www.security-corporation.com/index.php?id=advisories&a=011-FR


----------------------------------------------------------------------------------
Grégory Le Bras aka GaLiaRePt | http://www.security-corporation.com/
----------------------------------------------------------------------------------



arrowSearch Advisories

arrowNewsletter

Free weekly Newsletter.

Please enter your email address here:
arrowReport Vulnerability

If you've found a vulnerability please
click here to report it.
arrowPartners

newsnow

About Us | Contact Us | Advertise | email | Backend flag
Copyright © 2016-2017 Security Corporation - All Rights Reserved - Legal - Privacy Policy