Summary
This host is running Bitweaver, which is prone to directory traversal and code injection vulnerabilities.
Impact
Successful exploitation will let the attacker to cause PHP code injection, directory traversal, gain sensitive information, and can cause arbitrary code execution inside the context of the web application.
Impact Level: Application
Solution
Upgrade to Bitweaver version 2.6.1 or later
http://www.bitweaver.org/downloads/file/16337
Insight
Multiple flaws are due to improper handling of user supplied input in saveFeed function in rss/feedcreator.class.php file and it can cause following attacks.
- PHP code injection via placing PHP sequences into the account 'display name' setting for authenticated users or in the HTTP Host header for remote users by sending a request to boards/boards_rss.php.
- Directory traversal allow remote user to create or overwrite arbitrary file via a .. (dot dot) in the version parameter to boards/boards_rss.php.
Affected
Bitweaver version 2.6.0 and prior
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2009-1677, CVE-2009-1678 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- appRain CMF SQL Injection And Cross Site Scripting Vulnerabilities
- Adobe ColdFusion Components (CFC) Denial Of Service Vulnerability
- A Really Simple Chat Multiple SQL Injection Vulnerabilities
- AWStats configdir parameter arbitrary cmd exec
- Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability