20th Mar 2003 [SBWID-6076]
COMMAND
	XOOPS path disclosure
SYSTEMS AFFECTED
	XOOPS VERSIONS: v2.0 (and prior ?)
PROBLEM
	Grégory Le Bras aka GaLiaRePt [http://www.Security-Corporation.com],
	Security Corporation Security Advisory [SCSA-011] :
	
	 http://www.security-corporation.com/index.php?id=advisories&a=011-FR
	
	 DESCRIPTION
	 ________________________________________________________________________
	XOOPS is "a dynamic OO (Object Oriented) based open source portal
	script written in PHP. XOOPS is the ideal tool for developing small to
	large dynamic community websites, intra company portals, corporate
	portals, weblogs and much more." (direct quote from XOOPS website)
	 DETAILS & EXPLOITS
	 ________________________________________________________________________
	¤ Details Path Disclosure :
	A vulnerability has been found in XOOPS which allows attackers to
	determine the physical path of the application.
	This vulnerability would allow a remote user to determine the full path
	to the web root directory and other potentially sensitive information.
	This vulnerability can be triggered by a remote user submitting a
	specially crafted HTTP request including invalid input to the
	"$xoopsOption" variable.
	¤ Exploits Path Disclosure :
	
	http://[target]/index.php?xoopsOption=any_word
	
	Affected files:
	
	admin.php
	edituser.php
	footer.php
	header.php
	image.php
	lostpass.php
	pmlite.php
	readpmsg.php
	register.php
	search.php
	user.php
	userinfo.php
	viewpmsg.php
	class/xoopsblock.php
	modules/contact/index.php
	modules/mydownloads/index.php
	modules/mydownloads/brokenfile.php
	modules/mydownloads/modfile.php
	modules/mydownloads/ratefile.php
	modules/mydownloads/singlefile.php
	modules/mydownloads/submit.php
	modules/mydownloads/topten.php
	modules/mydownloads/viewcat.php
	modules/mylinks/brokenlink.php
	modules/mylinks/index.php
	modules/mylinks/modlink.php
	modules/mylinks/ratelink.php
	modules/mylinks/singlelink.php
	modules/mylinks/submit.php
	modules/mylinks/topten.php
	modules/mylinks/viewcat.php
	modules/newbb/index.php
	modules/newbb/search.php
	modules/newbb/viewforum.php
	modules/newbb/viewtopic.php
	modules/news/archive.php
	modules/news/article.php
	modules/news/index.php
	modules/sections/index.php
	modules/system/admin.php
	modules/xoopsfaq/index.php
	modules/xoopsheadlines/index.php
	modules/xoopsmembers/index.php
	modules/xoopspartners/index.php
	modules/xoopspartners/join.php
	modules/xoopspoll/index.php
	modules/xoopspoll/pollresults.php
	
SOLUTION
	None yet
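	Added example (not XOOPS code and not part of the original advisory): the
	kind of hardening a site operator can apply on their own while no vendor
	fix exists. It assumes a hypothetical front controller in which the
	"xoopsOption" request parameter selects one of a fixed set of page
	handlers; the option names and function name below are made up for the
	illustration. Two things matter: PHP error text (which carries the full
	script path) never reaches the client, and an unexpected option value is
	rejected before it can reach code that would warn or fail on it.

```php
<?php
// Added example, not XOOPS code: harden a request option such as "xoopsOption"
// so that an unexpected value cannot trigger a PHP error whose message
// reveals the filesystem path of the installation.
// Assumption: the option selects one of a fixed set of page handlers.
// ALLOWED_OPTIONS and validate_option() are hypothetical names.

declare(strict_types=1);

// 1. Keep PHP error text out of HTTP responses; log it server side instead.
//    (display_errors / log_errors are the standard php.ini directives.)
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// 2. Allowlist: the only option values the front controller understands.
//    Hypothetical values for the example.
const ALLOWED_OPTIONS = ['home', 'search', 'profile'];

/**
 * Return the validated option, or null when the value is not on the allowlist.
 * Exact, case-sensitive match only; nothing is derived from the raw string.
 */
function validate_option(?string $raw): ?string
{
    if ($raw === null) {
        return null;
    }
    return in_array($raw, ALLOWED_OPTIONS, true) ? $raw : null;
}

// The parameter may be absent, a string, or (via "xoopsOption[]=x") an array;
// anything that is not a plain string is treated as invalid.
$raw = $_GET['xoopsOption'] ?? null;
$xoopsOption = is_string($raw) ? validate_option($raw) : null;

if ($raw !== null && $xoopsOption === null) {
    // Record the rejected value in the server log only (truncated), then
    // answer with a generic error that says nothing about the install path.
    $shown = is_string($raw) ? substr($raw, 0, 64) : '<non-string value>';
    error_log('Rejected xoopsOption value: ' . $shown);
    http_response_code(400);
    echo 'Bad request.';
    exit;
}

// From here on $xoopsOption is either null or one of the allowlisted strings,
// so the code that dispatches on it never sees attacker-chosen text.
```

	Turning display_errors off is the broader control: it also covers the
	other files listed above, since whatever warning any of them emits is then
	written to the error log rather than returned in the page body. The
	allowlist closes the specific input the advisory names.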