The Gemini Portal 'lang' Parameter Multiple Local File Include Vulnerabilities

info
discussion
exploit
solution
references

The Gemini Portal 'lang' Parameter Multiple Local File Include Vulnerabilities

The Gemini Portal is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.

An attacker can exploit these vulnerabilities using directory-traversal strings to execute arbitrary local PHP scripts within the context of the webserver process.

The Gemini Portal 4.7 is vulnerable; other versions may also be affected.