Description

This script is vulnerable to file inclusion attacks.

The script was found to reference and potentially retrieve files from user-specified locations. User input is not sufficiently validated or sanitized prior to being passed to the vulnerable script's include function.

Remediation

Edit the source code to ensure that input is properly validated. Where is possible, it is recommended to make a list of accepted filenames and restrict the input to that list.

For PHP, the option allow_url_fopen would normally allow a programmer to open, include or otherwise use a remote file using a URL rather than a local file path. It is recommended to disable this option from php.ini.

References

PHP - Using remote files

OWASP PHP Top 5

Remote file inclusion

Related Vulnerabilities

WordPress Plugin Responsive Owl Carousel for Elementor Local File Inclusion (1.2.0)

WordPress Plugin Dean's FCKEditor with pwwang's code Arbitrary File Upload (1.0.0)

WordPress Plugin SI CAPTCHA Anti-Spam Serving Spam (3.0.2)

Ruby Improper Input Validation Vulnerability (CVE-2011-4815)

WordPress Plugin Grow by Tradedoubler-Advertiser for WooCommerce Local File Inclusion (2.0.21)

Severity

High

Classification

CWE-20 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

Tags

File Inclusion