{"vuid":"VU#515417","idnumber":"515417","name":"PHPCow file inclusion vulnerability","keywords":["php","cow","file include","file inclusion","PHP"],"overview":"Older versions of PHPCow contain a file inclusion vulnerability that could allow an attacker to take control of a vulnerable application.","clean_desc":"PHPCow is a content management system that uses PHP. Older versions of PHP contain a file inclusion vulnerability. We are aware of reports that this issue is being actively exploited.","impact":"A remote attacker may be able to take control of a vulnerable PHPCow application.","resolution":"Upgrade\nIt is not clear which versions of PHPCow are vulnerable. The PHPCow support team has reported that recent versions of PHPCow addressed this issue. Contact PHPCow for more information about obtaining updated software.","workarounds":"Workarounds for administrators\nAdministrators are encouraged to periodically check their web server log files for indications (such as malformed URLs) that their web applications have been compromised. Web application firewalls and reverse proxy servers may be able to block some known attacks.\nWorkarounds for users\nFollowing the recommendations in the Securing Your Web Browser document will mitigate many attacks that an attacker may launch after taking over a web application.","sysaffected":"","thanks":"","author":"This document was written by Ryan Giobbi.","public":["https://support.phpcow.com/index.php?_m=knowledgebase&_a=printable&kbarticleid=14","http://www.us-cert.gov/reading_room/securing_browser/","http://www.owasp.org/index.php/PHP_Top_5","http://www.g-brain.net/tutorials/local-file-inclusions.txt"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2008-11-06T02:16:01Z","publicdate":"2008-11-19T00:00:00Z","datefirstpublished":"2008-11-19T15:20:56Z","dateupdated":"2008-11-19T16:35:01Z","revision":27,"vrda_d1_directreport":"0","vrda_d1_population":"1","vrda_d1_impact":"3","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"1","cam_population":"1","cam_impact":"15","cam_easeofexploitation":"15","cam_attackeraccessrequired":"20","cam_scorecurrent":"1.35","cam_scorecurrentwidelyknown":"1.771875","cam_scorecurrentwidelyknownexploited":"3.459375","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":1.35,"vulnote":null}