Possible file inclusion vulnerability #2052

enferas · 2021-05-14T23:15:25Z

Hello,

I would like to report for possible file inclusion vulnerability.

In file "web/add/user/index.php"

// line 86
// the source
$subject = _translate($_POST['v_language'],"Welcome to Vesta Control Panel");

File web/inc/i18n.php

// line 9
function _translate() {
// ...
$args = func_get_args();
$l = $args[0];
// ...
// the sink with file inclusion with $l
require_once($_SERVER['DOCUMENT_ROOT']."/inc/i18n/$l.php");

// ...
}

Fix for outroll#2052

dpeca · 2021-09-03T10:43:32Z

@enferas what we should write in Changelog as Credits?
Credits to @enferas ?

enferas · 2021-11-09T22:35:04Z

@dpeca Thank you for confirming my report.
If it is okay for you. I would like to gain a CVE for my discovery.
Should I contact CVE Mite then they contact you ? or you prefer to contact them directly?

enferas · 2021-12-02T19:27:37Z

CVE-2021-43693 is assigned.

vesta 0.9.8-24 is affected by a file inclusion vulnerability in file web/add/user/index.php.

myvesta added a commit to myvesta/vesta that referenced this issue Aug 15, 2021

Fix for possible file inclusion vulnerability in i18n.php

88596a8

Fix for outroll#2052

anton-reutov added security Solved labels Aug 16, 2021

anton-reutov closed this as completed Aug 16, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Possible file inclusion vulnerability #2052

Possible file inclusion vulnerability #2052

enferas commented May 14, 2021

dpeca commented Sep 3, 2021 •

edited

Loading

enferas commented Nov 9, 2021

enferas commented Dec 2, 2021

Possible file inclusion vulnerability #2052

Possible file inclusion vulnerability #2052

Comments

enferas commented May 14, 2021

dpeca commented Sep 3, 2021 • edited Loading

enferas commented Nov 9, 2021

enferas commented Dec 2, 2021

dpeca commented Sep 3, 2021 •

edited

Loading