Intrusion Prevention

PHP.Guppy.XSS

Description

This indicates that an attacker may have attempted a PHP injection attack or a directory traversal attack against GuppY.
GuppY is vulnerable to multiple PHP injection attacks. The first vulnerability results from the "_SERVER[REMOTE_ADDR]" parameter in "error.php" not being sufficiently sanitized. It can be exploited to inject an arbitrary PHP script.
The second flaw is found in the "meskin" parameter in "editorTypetool.php" and the "lng" parameter in "archbatch.php" and "nwlmail.php". Input to these parameters is not properly verified before being used to include files when the script executes. This can be exploited to include arbitrary files from local sources.
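
For the second flaw, one way to hunt for matching requests in web server logs is sketched below. This is an added example, not the signature's logic or vendor code. It assumes the parameters arrive in the query string and that legitimate values are short alphanumeric tokens; the "/app/" paths and sample requests are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Script name -> include-controlling parameter, as named in the description.
WATCHED = {
    "editortypetool.php": "meskin",
    "archbatch.php": "lng",
    "nwlmail.php": "lng",
}

# Assumption: a legitimate value is a short token (language code, skin name).
SAFE_VALUE = re.compile(r"[A-Za-z0-9_-]{1,32}")

def suspicious_include_param(request_target):
    """Return (script, param, decoded_value) when a watched parameter
    carries anything other than a plain token, else None."""
    parts = urlsplit(request_target)
    script = parts.path.rsplit("/", 1)[-1].lower()
    param = WATCHED.get(script)
    if param is None:
        return None
    # parse_qsl percent-decodes once; unquote again to expose double encoding.
    for name, value in parse_qsl(parts.query):
        if name != param:
            continue
        decoded = unquote(value)
        if not SAFE_VALUE.fullmatch(decoded):
            return (script, param, decoded)
    return None

def scan(request_targets):
    """Return the hits for an iterable of request targets."""
    hits = (suspicious_include_param(t) for t in request_targets)
    return [h for h in hits if h is not None]

# Constructed sample request targets (not taken from real traffic).
SAMPLE = [
    "/app/archbatch.php?lng=en",
    "/app/archbatch.php?lng=..%2F..%2Fsecret.txt",
    "/app/editorTypetool.php?meskin=default_skin",
    "/app/nwlmail.php?lng=%252e%252e%252fx",
    "/app/index.php?lng=..%2Fx",
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print(hit)
```

The same allow-list test, applied inside the application before the value reaches an include statement, is the corresponding server-side check.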

Affected Products

GuppY 4.x

Impact

System compromise: arbitrary script execution.
Information disclosure.

Recommended Actions

Apply the appropriate patch from the vendor or upgrade to a non-vulnerable version.