[原文]PHP remote file inclusion vulnerability in displaycategory.php in 4nalbum 0.92 for PHP-Nuke 6.5 through 7.0 allows remote attackers to execute arbitrary PHP code by modifying the basepath parameter to reference a URL on a remote web server that contains fileFunctions.php.
It has been reported that 4nAlbum is prone to multiple vulnerabilities. These issues are primarily due to a failure of the module to validate user input.
There is an information disclosure issue with the 'displaycategory.php' script.
There is a remote file inclusion vulnerability in the 'displaycategory.php' script.
A cross-site scripting vulnerability in the 'nmimage.php' script has also been reported.
Finally an SQL injection vulnerability has been reported. This issue may be leveraged through the 'modules.php' script of phpNuke while requesting the 'index' file of the 4nAlbum module.
This issue has been reported to affect version 0.92 of the software. It is quite likely that other versions are affected as well.
4nAlbum contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the displaycategory.php script not properly sanitizing input to the "basepath" variable. An attacker may use this to include an arbitrary file from a remote server which will be processed and any commands executed.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.