------------------------------------------------------------------------------------ [ECHO_ADV_64$2007] Openi CMS plugins (site protection) remote file inclusion ------------------------------------------------------------------------------------ Author : Ahmad Muammar W.K (a.k.a) y3dips Date Found : February, 11 2007 Location : Indonesia, Jakarta web : http://echo.or.id/adv/adv64-y3dips-2007.txt Critical Lvl : Critical ------------------------------------------------------------------------------------ Affected software description: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Application : Internal range (site protection), version: 1.0 Openi CMS plugins (http://www.openi-cms.org) URL : http://www.openi-cms.org Download-path : http://www.openi-cms.org/oi-download.php/45/file_src/oi_plugin_site_protection_1_0.zip Description : With this Plugin you can release page ranges only for certain users. The user must authentifizieren itself with user name and password. Several users for a page range can be put on. Users and sides which can be protected are put on in the editorship environment by the administrator. --------------------------------------------------------------------------- Vulnerability: ~~~~~~~~~~~~~ Variables "oi_dir" in index.php are not properly sanitized. ---------------index.php -------------------- ...