HomePentest-Tools.com Logo

F3Site GLOBALS[nlang] Parameter Multiple Local File Include Vulnerabilities CVE-2009-4435

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

F3Site is prone to multiple local file include Vulnerabilities.

Risk description

The flaw is due to error in mod/poll.php and mod/new.php which are not properly sanitising user supplied input data via GLOBALS[nlang] parameter. Successful exploitation could allow remote attackers to obtain sensitive information or execute arbitrary code on the vulnerable Web Server.

Recommendation

Upgrade to F3Site 2010 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Dec 28, 2009
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available