PhpCOIN 'mod' Parameter Local File Include Vulnerability Network Vulnerability

Summary

This host is running phpCOIN and is prone to local file include vulnerability.

Impact

Successful exploitation will allow attacker to obtain sensitive information and attacker can include arbitrary files. Impact Level: Application.

Solution

Upgrade to phpCOIN version 1.6.5 or higher

Insight

The flaw exists in 'mod.php' as it fails to properly sanitize user-supplied data, which allows remote attacker to include arbitrary files.

Affected

phpCOIN version 1.2.1 and prior

References

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

phpCOIN 'mod' Parameter Local File Include Vulnerability