Summary
JAF CMS is prone to an shell-command-execution vulnerability and multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input.
An attacker can exploit the remote shell-command-execution issue to execute arbitrary shell commands in the context of the webserver process.
An attacker can exploit remote file-include issues to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system other attacks
are also possible.
JAF CMS 4.0 RC2 is vulnerable
other versions may also be affected.
References
- http://jaf-cms.sourceforge.net/
- http://www.htbridge.ch/advisory/rfi_in_jaf_cms.html
- http://www.htbridge.ch/advisory/shell_create__command_execution_in_jaf_cms.html
- http://www.securityfocus.com/archive/1/514625
- http://www.securityfocus.com/archive/1/514626
- https://www.securityfocus.com/bid/44664
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- AstroSPACES profile.php SQL Injection Vulnerability
- Apache Struts2 Showcase Skill Name Remote Code Execution Vulnerability
- AjaXplorer zoho plugin Directory Traversal Vulnerability
- AlstraSoft AskMe Pro 'forum_answer.php' and 'profile.php' Multiple SQL Injection Vulnerabilities
- Atutor AChecker Multiple SQL Injection and XSS Vulnerabilities