Directory traversal vulnerability in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the scriptpath_show parameter in a GoAhead action. NOTE: this issue only crosses privilege boundaries when security settings such as disable_functions and safe_mode are active, since exploitation requires uploading of executable code to a home directory.
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
| Link | Tags |
|---|---|
| http://www.securityfocus.com/bid/32016 | vdb entry exploit |
| http://www.securityfocus.com/archive/1/498526 | mailing list |
| http://www.securityfocus.com/archive/1/498529/100/0/threaded | mailing list |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/46252 | vdb entry |
| https://www.exploit-db.com/exploits/6897 | exploit |
| http://www.securityfocus.com/archive/1/498519 | mailing list exploit |
| http://www.netenberg.com/forum/index.php?topic=6832 | |
| http://www.securityfocus.com/archive/1/498529 | mailing list |
| http://www.securityfocus.com/archive/1/497964/100/0/threaded | mailing list |