Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution via writing specific statements to .htaccess and code to a file with a .png suffix.
The vulnerability results from incomplete implementation of the file extension blacklist mechanism and insufficient path directory verification. An attacker can exploit the path traversal flaw to write specially crafted directives to the .htaccess file, thereby modifying the web server configuration. Subsequently, by writing malicious code to a file with a .png extension (which is treated as safe), the attacker causes the server to execute this code.
An attacker gains the ability to execute arbitrary code remotely (RCE) on the server, which may result in complete system takeover, data theft, and violation of application integrity and availability.
Apply patches available from the vendor according to the references. It is also recommended to monitor and restrict write permissions to application directories and verify the integrity of .htaccess files on the server.
PHPVibe version 11.0.46
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HPhpvibe
APPPhpvibe11.0.3 – 11.0.46
Related vulnerabilities
A vulnerability, which was classified as critical, was found in PHPVibe 11.0.46. Affected is an unknown functi...
A vulnerability, which was classified as problematic, has been found in PHPVibe 11.0.46. This issue affects so...
Cross-site scripting (XSS) vulnerability in PHPVibe before 4.21 allows remote authenticated users to inject ar...