Vendor: phpThumb
By: mook
CVSS: 4.3 (MEDIUM)
CWE: 200 (Information Disclosure)
Product Name: phpThumb
Affected Version From: 1.7.2009
Affected Version To: 1.7.2009
Patch Exists: NO
Related CWE: N/A
CPE: a:phpthumb:phpthumb
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
2011

phpThumb ‘phpThumbDebug’ Information Disclosure

Information disclosure of absolute system paths, OS flavour, application configuration and the versions of other installed applications. The vulnerability is triggered by appending 'phpThumbDebug=' followed by any number from 0 to 10 to any phpThumb.php request.

Mitigation:

The responsible code is in phpThumb.php itself: change the default "$PHPTHUMB_CONFIG['disable_debug'] = false;" to "$PHPTHUMB_CONFIG['disable_debug'] = true;".

Exploit-DB raw data:

# Exploit Title: phpThumb 'phpThumbDebug' Information Disclosure
# Google Dork: inurl:phpThumb.php
# Date: 06/05/2011
# Author: mook
# Software Link: http://phpthumb.sourceforge.net/#download
# Version: 1.7.9
# Tested on: linux

Vulnerability:

Information disclosure which includes absolute system paths, OS
flavour, application configuration information and other installed
application versions.

The vulnerability can be triggered by appending 'phpThumbDebug=' and
any number from 0 to 10 to any phpThumb.php request. e.g:

The response will be an image render of the debug information.

Remediation:

The responsible code is in phpThumb.php itself: change the default
"$PHPTHUMB_CONFIG['disable_debug']            = false;" to
"$PHPTHUMB_CONFIG['disable_debug']            = true;".
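Two defender-side checks for this issue, added here as an example and not part of the advisory or of phpThumb itself: audit_config() verifies in the text of a phpThumb.php file that the remediation above (disable_debug set to true) is in place, and find_debug_requests() scans web-server access-log lines for phpThumb.php requests carrying a phpThumbDebug value in the 0 to 10 range the advisory describes. The log lines and config snippets are constructed for the example, and the function names are my own.

```python
"""Added example (not from the advisory or phpThumb): config audit and
access-log detection for the phpThumb 'phpThumbDebug' disclosure."""
import re
from urllib.parse import parse_qs, urlsplit

# The assignment line in phpThumb.php; the real file pads the '=' with
# spaces, so any amount of whitespace is accepted.
_DISABLE_DEBUG_RE = re.compile(
    r"""\$PHPTHUMB_CONFIG\[\s*['"]disable_debug['"]\s*\]\s*=\s*(true|false)\s*;""",
    re.IGNORECASE,
)

# Apache/nginx "combined" log format, reduced to the fields needed here.
_LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)


def audit_config(php_source):
    """Return True if disable_debug is set to true, False if set to false,
    and None if no such assignment is found (treat None as unknown/unsafe)."""
    m = _DISABLE_DEBUG_RE.search(php_source)
    if m is None:
        return None
    return m.group(1).lower() == "true"


def find_debug_requests(log_lines):
    """Return (ip, timestamp, target, status) for each request whose path
    ends in phpThumb.php and whose query string carries phpThumbDebug=<0..10>."""
    hits = []
    for line in log_lines:
        m = _LOG_RE.match(line)
        if not m:
            continue  # not a parseable access-log record
        parts = urlsplit(m.group("target"))
        if not parts.path.lower().endswith("phpthumb.php"):
            continue
        values = parse_qs(parts.query, keep_blank_values=True).get("phpThumbDebug", [])
        if any(v.isdigit() and 0 <= int(v) <= 10 for v in values):
            hits.append((m.group("ip"), m.group("ts"), m.group("target"),
                         int(m.group("status"))))
    return hits


# Constructed samples: the shipped default and the remediated setting.
SAMPLE_CONFIG_DEFAULT = "$PHPTHUMB_CONFIG['disable_debug']            = false;\n"
SAMPLE_CONFIG_FIXED = "$PHPTHUMB_CONFIG['disable_debug']            = true;\n"

# Constructed access-log lines (documentation IP ranges, made-up timestamps).
SAMPLE_LOG = [
    '203.0.113.7 - - [06/May/2011:10:15:01 +0000] "GET /phpThumb.php?src=images/a.jpg&w=100 HTTP/1.1" 200 4012 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [06/May/2011:10:15:04 +0000] "GET /phpThumb.php?src=images/a.jpg&phpThumbDebug=9 HTTP/1.1" 200 23411 "-" "Mozilla/5.0"',
    '198.51.100.2 - - [06/May/2011:10:16:30 +0000] "GET /lib/phpThumb.php?phpThumbDebug=3 HTTP/1.1" 200 19880 "-" "curl/7.21"',
    '198.51.100.2 - - [06/May/2011:10:16:31 +0000] "GET /index.php?phpThumbDebug=3 HTTP/1.1" 200 512 "-" "curl/7.21"',
    'garbage line that is not a log record',
]

if __name__ == "__main__":
    print("default config debug disabled:", audit_config(SAMPLE_CONFIG_DEFAULT))
    print("fixed config debug disabled:  ", audit_config(SAMPLE_CONFIG_FIXED))
    for ip, ts, target, status in find_debug_requests(SAMPLE_LOG):
        print(f"{ts} {ip} {status} {target}")
```

A 200 response to a flagged request on a host whose phpThumb.php still audits as False (or None) is the combination worth alerting on; after the setting is changed to true, the same requests no longer return the debug image, so the log check becomes a way to spot probing rather than confirmed disclosure.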