LightBlog <= 9.9.2 Authentication Bypass / Local File Inclusion Vulnerability


The issue arises because user-supplied input passed via the ‘Lightblog_username’ cookie to the check_user.php script is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks, or to bypass the authentication mechanism.


Disclosure Date:

April 27, 2009
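One way to verify a cookie-supplied username before it reaches an include, as an added example that is not LightBlog's code. The function name `resolve_account_file`, the one-file-per-account layout and the temporary demo directory are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Map a cookie-supplied username to a file inside $baseDir, or return null.
 * The one-file-per-account layout is an assumption made for this example.
 */
function resolve_account_file(?string $cookieValue, string $baseDir): ?string
{
    // 1. Allowlist the value: no dots, slashes, backslashes or NUL bytes.
    //    \A and \z anchor the whole string ($ would accept a trailing newline).
    if ($cookieValue === null
        || preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $cookieValue) !== 1) {
        return null;
    }
    // 2. Canonicalise both paths; realpath() resolves symlinks and "..".
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    $candidate = realpath($base . DIRECTORY_SEPARATOR . $cookieValue . '.php');
    if ($candidate === false || !is_file($candidate)) {
        return null;
    }
    // 3. Containment: the resolved file must still sit under the base directory
    //    (catches a symlink that points outside it).
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $candidate;
}

// Constructed demo data: a throwaway directory holding one account file.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'lb_demo_' . bin2hex(random_bytes(4));
mkdir($dir);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'alice.php', "<?php // constructed\n");

// Constructed cookie values: one valid name, then malformed ones.
$samples = ['alice', '../../../../etc/passwd', "alice\0", 'alice/../bob', 'nobody', ''];
foreach ($samples as $value) {
    $path = resolve_account_file($value, $dir);
    printf("%-28s => %s\n", json_encode($value),
        $path === null ? 'rejected' : 'include ' . basename($path));
}

unlink($dir . DIRECTORY_SEPARATOR . 'alice.php');
rmdir($dir);
```

Path validation of this kind addresses only the file inclusion; whether a visitor is logged in should be decided from server-side session state rather than from the value of a cookie the client controls.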