----------------------------------------------------------------------

Secunia Network Software Inspector 2.0 (NSI) - Public Beta

8 days left of beta period.

The 1st generation of the Secunia Network Software Inspector (NSI)
has been available for corporate users for almost 1 year and its been
a tremendous success.

The 2nd generation Secunia NSI is built on the same technology as the
award winning Secunia PSI, which has already been downloaded and
installed on more than 400,000 computers world wide.

Learn more / Download (instant access):
https://secunia.com/network_software_inspector_2/

----------------------------------------------------------------------

TITLE:
KwsPHP "action" Local File Inclusion and Code Execution

SECUNIA ADVISORY ID:
SA29802

VERIFY ADVISORY:
https://secunia.com/advisories/29802/

CRITICAL:
Moderately critical

IMPACT:
Exposure of system information, Exposure of sensitive information,
System access

WHERE:
>From remote

SOFTWARE:
KwsPHP 1.x
https://secunia.com/product/15781/

DESCRIPTION:
TsukasaGenesis and Ajax have reported a vulnerability in KwsPHP,
which can be exploited by malicious users to compromise a vulnerable
system, and by malicious people to disclose sensitive information.

Input passed to the "action" parameter in eskuel/help.php is not
properly verified before being used to include files. This can be
exploited to include arbitrary files from local resources, and
furthermore to execute arbitrary PHP scripts after uploading them as
images.

Successful exploitation of the vulnerability for executing arbitrary
uploaded PHP code requires valid user credentials.

The vulnerability is reported in version 1.3.456 downloaded before
2008-04-16. Other versions may also be affected.

SOLUTION:
Apply the vendor's official patch.

Update to version 1.3.456 downloaded on or after 2008-04-16.

PROVIDED AND/OR DISCOVERED BY:
TsukasaGenesis and Ajax

ORIGINAL ADVISORY:
KwsPHP:
https://koogar.alorys-hebergement.com/kwsphp/index.php?mod=news&ac=commentaires&id=49

TsukasaGenesis and Ajax:
https://milw0rm.com/exploits/5449

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
https://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
https://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------