OSVDB ID: 24358

Title: Exponent CMS Banner and Image Module PHP Code Injection

Dates

Disclosure: Apr 03, 2006
Discovery: Unknown
Exploit: Unknown
Solution: Unknown

Description

Exponent CMS contains a flaw that may allow a malicious user to run arbitrary PHP code. The issue is triggered because the Banner and Image modules parse user-supplied PHP code. The flaw may allow arbitrary code injection, resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Rumored
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 0.96.5 RC 1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Exponent

Exponent CMS

0.96.4
0.96.3
0.96.2
0.96.1
0.96
0.95.x
0.94.x

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/24358