PicoFlat CMS pico_insert.php security bypass

picoflat-picoinsert-security-bypass (38310)

Risk level: Medium

Description:

PicoFlat CMS could allow a remote attacker to bypass security restrictions, caused by improper restrictions on the pico_insert.php script and other unspecified scripts. A remote authenticated attacker could exploit this vulnerability to bypass security and possibly upload a malicious file to the vulnerable system.

Platforms Affected:

  • PicoFlat, PicoFlat CMS prior to 0.4.18

Remedy:

Upgrade to the latest version of PicoFlat CMS (0.4.18 or later), available from the PicoFlat CMS Web site. See References.

Consequences:

Bypass Security

References:

  • PicoFlat CMS Web site, PicoFlat CMS at http://picoflat.altervista.org/.
  • BID-26362: PicoFlat CMS Multiple Remote Security Bypass Vulnerabilities
  • CVE-2007-5920: index.php in Domenico Mancini PicoFlat CMS before 0.4.18 allows remote attackers to include certain files via unspecified vectors, possibly due to a directory traversal vulnerability. NOTE: this can be leveraged to bypass authentication and upload files by including pico_insert.php or unspecified other administrative scripts. NOTE: some of these details are obtained from third party information.
  • SA27504: PicoFlat CMS Administration Security Bypass

Reported:

Nov 07, 2007

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net
