WebBiblio Subject Gateway System Local File Inclusion Vulnerability

vendor:

WebBiblio

by:

AntiSecurity

8,8

CVSS

HIGH

Local File Inclusion

CWE

Product Name: WebBiblio

Affected Version From: WebBiblio version 3.0

Affected Version To: WebBiblio version 3.0

Patch Exists: YES

Related CWE: CVE-2010-2090

CPE: webbiblio

Metasploit: https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2010-0602/

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Linux

2010

WebBiblio Subject Gateway System Local File Inclusion Vulnerability

WebBiblio Subject Gateway System is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to include arbitrary local files from the target server.

Mitigation:

Input validation should be used to prevent the exploitation of this vulnerability.

Source

WebBiblio Subject Gateway System Local File Inclusion Vulnerability

Mitigation:

Exploit-DB raw data: