|
Description
|
|
Two vulnerabilities has been discovered in Open-Realty, which can be exploited by malicious people to disclose potentially sensitive information.
1) Input passed via the "select_users_lang" POST parameter to index.php is not properly verified before being used to include files. This can be exploited to include files from local resources via directory traversal attacks and URL-encoded NULL bytes.
This vulnerability is reported in version 2.5.7 and confirmed in version 2.5.8. Other versions may also be affected.
2) Input passed via the "select_users_template" POST parameter to index.php is not properly verified before being used to include files. This can be exploited to include files from local resources via directory traversal attacks and URL-encoded NULL bytes.
This vulnerability is confirmed in version 2.5.8. Other versions may also be affected.
|
|
|
|
|
|
Vulnerable Products
|
|
Vulnerable Software:
Open-Realty 2.x
|
|
|
|
|
|
Solution
|
|
Edit the source code to ensure that input is properly verified.
|
|
|
|
|
|
CVE
|
|
|
|
|
|
|
|
References
|
|
Aung Khant:
http://yehg.net/lab/pr0js/advisories/[open-realty_2.5.8_2.x]_lfi
|
|
|
|
|
|
Vulnerability Manager Detection
|
|
No
|
|
|
|
|
|
IPS Protection
|
|
|
|
|
|
|
