Ticket #2294 (closed defect: duplicate)
'net2ftp_globals[application_skinsdir]' Parameter Remote File Include Vulnerability
|Reported by:||oarsman||Owned by:||nuxwin|
|Priority:||normal||Milestone:||ispCP ω 1.0.5|
|Component:||Frontend (GUI)||Version:||ispCP ω 1.0.4|
|Severity:||Don't know||Keywords:||net2ftp_globals Vulnerablity|
I saw this security Vulnerablity in security focus vuln list
You can find in http://www.securityfocus.com/bid/38644
other descriptin in SANS Vuln alert
- 10.12.149 - CVE: Not Available
- Platform: Web Application
- Title: ispCP Omega "net2ftp_globals[application_skinsdir]" Parameter Remote File Include
- Description: ispCP Omega is a web-hosting application implemented in PHP. The application is exposed to a remote file include issue because it fails to properly sanitize user-supplied input to the "net2ftp_globals[application_skinsdir]" parameter of the "admin1.template.php" script. ispCP Omega version 1.0.4 is affected.
- Ref: http://www.securityfocus.com/bid/38644
Note: See TracTickets for help on using tickets.