J-Security Center

Title: PHPSlash URL Block Arbitrary File Disclosure Vulnerability

Severity: LOW

Description:

PHPSlash is a widely used open source Groupware utility.

In PHPSlash, a URL block is a configurable box used to display small amounts of information on a website, such as the time/date or weather information.

The method used in the Block_render_url.class of PHPSlash fails to validate the URL it is given before fetching its content. A user may read arbitrary files by entering a URL that is a relative link to the file they wish to read. Unprivileged users may then read the file if it is displayed on the webpage. This can only be exploited by users who have access to editing blocks.

Exploitation may result in attackers gaining local access to the webserver or information which could assist in further attacks.
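The following is an added illustration of the flaw and its fix, not code from PHPSlash or Block_render_url.class; the function names and the sample inputs are assumptions. The unsafe renderer passes the configured value straight to a file-reading API, so a relative path reads a local file; the hardened version only accepts absolute http(s) URLs with a host.

```php
<?php
// Added example (not PHPSlash code): validating a URL block's source before fetching it.

// Return true only for absolute http(s) URLs that carry a host. Relative paths
// such as "../config.php", local absolute paths, and non-web schemes (file://,
// php://) are all rejected.
function is_allowed_block_url(string $url): bool
{
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'])) {
        return false;
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;
    }
    return !empty($parts['host']);
}

// Vulnerable pattern, as the advisory describes it: no check on the URL, so a
// relative path like "../config.php" is read from the local filesystem.
function render_url_block_unsafe(string $url): string
{
    return (string) file_get_contents($url);
}

// Hardened pattern: refuse anything that is not an absolute web URL, fetch with
// a bounded timeout, and HTML-escape the body before it reaches the page.
function render_url_block_safe(string $url): string
{
    if (!is_allowed_block_url($url)) {
        return '[blocked: URL blocks may only reference http(s) resources]';
    }
    $ctx  = stream_context_create(['http' => ['timeout' => 5, 'follow_location' => 0]]);
    $body = @file_get_contents($url, false, $ctx);
    return $body === false ? '[fetch failed]' : htmlspecialchars($body, ENT_QUOTES, 'UTF-8');
}

// Self-check on constructed inputs: only the last one should be allowed.
$samples = ['../config.php', '/var/www/config.php', 'file:///var/www/config.php',
            'https://example.org/weather.txt'];
foreach ($samples as $u) {
    printf("%-32s %s\n", $u, is_allowed_block_url($u) ? 'allowed' : 'rejected');
}
```

Restricting the scheme stops local file reads but not requests to internal hosts; an allow-list of permitted hosts is the stronger control for block sources.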

Affected Products:

  • PHPSlash 0.5.32
  • PHPSlash 0.6.1

References:

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.