Directory traversal vulnerability in test.php in PHP Weather 2.2.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter.
PHP Weather is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.

An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the context of the webserver process. Information harvested may aid in further attacks.

The attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials and launch other attacks.

PHP Weather 2.2.2 is vulnerable; other versions may also be affected.
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: email@example.com.
Attackers can exploit these issues via a browser.

The following example URIs are available:

For the local file-include issue:
http://www.example.com/path/test.php?metar=()&language=[Lfi]%00

For the cross-site scripting issue:
http://www.example.com/path/config/make_config.php/>"><ScRiPt>alert(0)</ScRiPt>
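With no vendor patch listed, an access-log check for the two request shapes above is a practical stopgap. The following is an added example, not part of the original advisory or of PHP Weather: it assumes combined-format web server logs, and the function names, finding labels and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample lines (combined log format, documentation-range IPs).
SAMPLE_LOG = [
    '192.0.2.10 - - [30/Dec/2008:10:00:01 +0000] "GET /path/test.php?metar=()&language=en HTTP/1.1" 200 512',
    '192.0.2.11 - - [30/Dec/2008:10:00:02 +0000] "GET /path/test.php?metar=()&language=..%2F..%2Ftmp%2Fconstructed%00 HTTP/1.1" 200 90',
    '192.0.2.12 - - [30/Dec/2008:10:00:03 +0000] "GET /path/test.php?language=%252e%252e%252fconstructed HTTP/1.1" 200 90',
    '192.0.2.13 - - [30/Dec/2008:10:00:04 +0000] "GET /path/config/make_config.php/%3E%22%3E%3CScRiPt%3Ealert(0)%3C/ScRiPt%3E HTTP/1.1" 200 300',
    '192.0.2.14 - - [30/Dec/2008:10:00:05 +0000] "GET /path/config/make_config.php HTTP/1.1" 200 300',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
TRAVERSAL_RE = re.compile(r'\.\.[/\\]|\x00')   # ../ or ..\ or a NUL byte
MARKUP_RE = re.compile(r'[<>"]')               # characters that break out of HTML
CONFIG_SCRIPT = "/config/make_config.php"

def _decode(value, rounds):
    """Percent-decode repeatedly so double-encoded input (%252e) is also seen."""
    for _ in range(rounds):
        value = unquote(value)
    return value

def classify(log_line):
    """Return the set of findings for one access-log line."""
    findings = set()
    match = REQUEST_RE.search(log_line)
    if not match:
        return findings
    target = urlsplit(match.group(1))
    path = _decode(target.path, rounds=2)
    # LFI: traversal sequence or NUL byte in test.php's language parameter.
    if path.endswith("/test.php"):
        # parse_qs already decodes once; decode once more for double encoding.
        for value in parse_qs(target.query, keep_blank_values=True).get("language", []):
            if TRAVERSAL_RE.search(_decode(value, rounds=1)):
                findings.add("lfi-language")
    # XSS: markup characters in the extra path appended to make_config.php.
    idx = path.find(CONFIG_SCRIPT)
    if idx != -1 and MARKUP_RE.search(path[idx + len(CONFIG_SCRIPT):]):
        findings.add("xss-path-info")
    return findings

def scan(lines):
    """Return (line number, sorted findings) for every suspicious line."""
    return [(n, sorted(f)) for n, line in enumerate(lines, 1) if (f := classify(line))]
```

`scan(SAMPLE_LOG)` flags lines 2 to 4 and leaves the two ordinary requests alone.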
| 2008-12-30 | CVE-2008-5770 | Cross-Site Scripting (XSS) vulnerability in Phpweather 2.2.2 | Medium |