Archangel Weblog Local File Include And Authentication Bypass Vulnerabilities

Archangel Weblog Local File Include And Authentication Bypass Vulnerabilities

Archangel Weblog is prone to a local file-include vulnerability because the application fails to sufficiently sanitize user-supplied input. The application is also prone to an authentication-bypass vulnerability.

A successful exploit would allow an attacker to view files, execute arbitrary local scripts within the context of the webserver, and gain unauthorized administrative access to the affected application.

These issues affect Archangel Weblog 0.90.02.