eFront <= 3.6.10 (save_template.php) PHP Code Injection Vulnerability


eFront contains a flaw which allows a remote attacker to inject and execute arbitrary PHP code. The issue is due to the www/editor/tiny_mce/plugins/save_template/save_template.php script which fails to properly sanitize user-supplied input passed via the ‘templateName’ and ‘templateContent’ parameters before use it in a call to the file_put_contents() PHP function.


Disclosure Date:

October 27, 2011