Directory traversal vulnerability in admin/skins.php for @lex Guestbook 4.0.2 and previous versions allows remote malicious users to create files in arbitrary directories via ".." sequences in the (1) aj_skin and (2) skin_edit parameters. NOTE: this can be leveraged for file inclusion by creating a skin file in the lang directory, then referencing that file via the lang parameter to index.php, which passes a sanity check in livre_include.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alexphpteam alex guestbook 3.13 |
||
alexphpteam alex guestbook 4.0.1 |
||
alexphpteam alex guestbook 3.12 |
||
alexphpteam alex guestbook 4.0.2 |