AjaXplorer zoho plugin Directory Traversal Vulnerability

Summary
This host is running AjaXplorer with the zoho plugin and is prone to directory traversal and file upload vulnerabilities.
Impact
Successful exploitation may allow an attacker to obtain sensitive information and to upload a malicious PHP script, which could allow the attacker to execute arbitrary PHP code on the affected system.
Impact Level: System/Application
Solution
Upgrade to AjaXplorer 5.0.4 or later. For updates, refer to http://pyd.io
Insight
The flaws exist because the save_zoho.php script does not properly validate user-supplied input passed via the 'name' parameter and does not properly validate file extensions.
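One way to perform the two missing checks described above (file name and file extension), shown as an added example that is not AjaXplorer's or the plugin's code. The function name `resolveSafeTarget`, the storage directory and both extension lists are assumptions.

```php
<?php
// Added example: hypothetical hardened handling of a client-supplied file name.
// $baseDir, $allowedExt and $blockedExt are assumptions, not AjaXplorer values.

function resolveSafeTarget(string $baseDir, string $name, array $allowedExt): ?string
{
    $blockedExt = ['php', 'php3', 'php4', 'php5', 'phtml', 'phar'];

    // Reject separators and NUL bytes outright; stripping them invites bypasses.
    foreach (['/', '\\', "\0"] as $bad) {
        if (strpos($name, $bad) !== false) {
            return null;
        }
    }
    // Reject empty names, "." / ".." and dot-files.
    if ($name === '' || $name[0] === '.') {
        return null;
    }
    // Every dot-separated segment after the first counts as an extension,
    // so "report.php.doc" is refused as well as "report.php".
    $parts = explode('.', strtolower($name));
    array_shift($parts);
    if ($parts === [] || array_intersect($parts, $blockedExt) !== []) {
        return null;
    }
    if (!in_array(end($parts), $allowedExt, true)) {
        return null;
    }
    // Resolve the storage directory and refuse to write through an existing symlink.
    $root = realpath($baseDir);
    if ($root === false || !is_dir($root)) {
        return null;
    }
    $target = $root . DIRECTORY_SEPARATOR . $name;
    return is_link($target) ? null : $target;
}

// Constructed sample names, checked against the system temporary directory.
$allowed = ['doc', 'docx', 'xls', 'xlsx', 'ppt', 'pptx'];
foreach (['report.docx', '../../etc/passwd', 'upload.php', 'a.php.doc', '.htaccess'] as $n) {
    $result = resolveSafeTarget(sys_get_temp_dir(), $n, $allowed);
    printf("%-20s => %s\n", $n, $result ?? 'REJECTED');
}
```

Only `report.docx` resolves to a path; the other four constructed names are rejected before any file operation takes place.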
Affected
AjaXplorer zoho plugin 5.0.3 and probably earlier versions.
Detection
Send a crafted exploit string via an HTTP GET request and check whether it is able to read a system file.