Intrusion Prevention

PHP.BITRIX.Site.Manager.Remote.File.Inclusion

Description

It indicates a possible exploit of remote file include vulnerability in Bitrix Site Manage.


Bitrix Site Manager is a powerful Content Management Solution that enables to effectively create and manage web sites. A remote file include vulnerability is reported in it that may allow an attacker to execute arbitrary PHP code on the affected system. This is due to application failure to properly validate the _SERVER[DOCUMENT_ROOT] parameter passed to admin/index.php. For exploiting this, an attacker may send a specially-crafted URL to the admin/index.php script in the _SERVER[DOCUMENT_ROOT] parameter to include a malicious file from a remote system which would enable the attacker to execute arbitrary code on the vulnerable system.

Affected Products

Bitrix Site Manager 4.0.5 and prior versions.

Impact

Compromise of the affected system.

Recommended Actions

Upgrade to Bitrix Site Manager 4.0.9 or later versions.

CVE References

CVE-2005-1996