Search...

phpBG intern/config/forum.php URL rootdir Variable Remote File Inclusion

2007-08-29T00:00:00

ID OSVDB:38433
Type osvdb
Reporter OSVDB
Modified 2007-08-29T00:00:00

Description

Manual Testing Notes

/intern/config/forum.php?rootdir=Shell

References:

Related OSVDB ID: 38429 Related OSVDB ID: 38431 Related OSVDB ID: 38430 Related OSVDB ID: 38432 ISS X-Force ID: 36348 Generic Exploit URL: http://www.milw0rm.com/exploits/4340 CVE-2007-4636 Bugtraq ID: 25486

JSON Vulners Source

Initial Source

{"bulletinFamily": "software", "viewCount": 2, "reporter": "OSVDB", "references": [], "description": "## Manual Testing Notes\n/intern/config/forum.php?rootdir=Shell\n## References:\n[Related OSVDB ID: 38429](https://vulners.com/osvdb/OSVDB:38429)\n[Related OSVDB ID: 38431](https://vulners.com/osvdb/OSVDB:38431)\n[Related OSVDB ID: 38430](https://vulners.com/osvdb/OSVDB:38430)\n[Related OSVDB ID: 38432](https://vulners.com/osvdb/OSVDB:38432)\nISS X-Force ID: 36348\nGeneric Exploit URL: http://www.milw0rm.com/exploits/4340\n[CVE-2007-4636](https://vulners.com/cve/CVE-2007-4636)\nBugtraq ID: 25486\n", "affectedSoftware": [], "hashmap": [{"key": "affectedSoftware", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "da3dd9df9218730a0e909ff6c6074df4"}, {"key": "cvss", "hash": "e5d275b3ebd62646b78320753699e02e"}, {"key": "description", "hash": "5c297626115988c11e900c7f881d4b1e"}, {"key": "href", "hash": "f6bfe9a0edb6437720b26a2edcaeb7e5"}, {"key": "modified", "hash": "2f281a007c941b1f300cbca1fc709ee6"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "2f281a007c941b1f300cbca1fc709ee6"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "955b328dc7cd615c13af5464c9183464"}, {"key": "title", "hash": "13dfa763b4892bca218c79cbaf879d4e"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "href": "https://vulners.com/osvdb/OSVDB:38433", "modified": "2007-08-29T00:00:00", "objectVersion": "1.2", "enchantments": {"score": {"value": 7.2, "vector": "NONE", "modified": "2017-04-28T13:20:34"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-4636"]}, {"type": "osvdb", "idList": ["OSVDB:38429", "OSVDB:38431", "OSVDB:38430", "OSVDB:38432"]}, {"type": "exploitdb", "idList": ["EDB-ID:4340"]}, {"type": "canvas", "idList": ["PHPBG_INCLUDE"]}], "modified": "2017-04-28T13:20:34"}, "vulnersScore": 7.2}, "id": "OSVDB:38433", "title": "phpBG intern/config/forum.php URL rootdir Variable Remote File Inclusion", "hash": "e300fc13c63ba7839a2f8dbc71d6132f60f4f555deba7753ef2974cb796cadc0", "edition": 1, "published": "2007-08-29T00:00:00", "type": "osvdb", "history": [], "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "cvelist": ["CVE-2007-4636"], "lastseen": "2017-04-28T13:20:34"}

{"cve": [{"lastseen": "2019-05-29T18:09:01", "bulletinFamily": "NVD", "description": "Multiple PHP remote file inclusion vulnerabilities in phpBG 0.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter to (1) intern/admin/other/backup.php, (2) intern/admin/, (3) intern/clan/member_add.php, (4) intern/config/key_2.php, or (5) intern/config/forum.php.", "modified": "2017-09-29T01:29:00", "id": "CVE-2007-4636", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4636", "published": "2007-08-31T23:17:00", "title": "CVE-2007-4636", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:34", "bulletinFamily": "software", "description": "## Manual Testing Notes\n/intern/clan/member_add.php?rootdir=Shell\n## References:\n[Related OSVDB ID: 38429](https://vulners.com/osvdb/OSVDB:38429)\n[Related OSVDB ID: 38433](https://vulners.com/osvdb/OSVDB:38433)\n[Related OSVDB ID: 38430](https://vulners.com/osvdb/OSVDB:38430)\n[Related OSVDB ID: 38432](https://vulners.com/osvdb/OSVDB:38432)\nISS X-Force ID: 36348\nGeneric Exploit URL: http://www.milw0rm.com/exploits/4340\n[CVE-2007-4636](https://vulners.com/cve/CVE-2007-4636)\nBugtraq ID: 25486\n", "modified": "2007-08-29T00:00:00", "published": "2007-08-29T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:38431", "id": "OSVDB:38431", "title": "phpBG intern/clan/member_add.php URL rootdir Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:34", "bulletinFamily": "software", "description": "## Manual Testing Notes\n/intern/admin/other/backup.php?admin=1&rootdir=Shell\n## References:\n[Related OSVDB ID: 38431](https://vulners.com/osvdb/OSVDB:38431)\n[Related OSVDB ID: 38433](https://vulners.com/osvdb/OSVDB:38433)\n[Related OSVDB ID: 38430](https://vulners.com/osvdb/OSVDB:38430)\n[Related OSVDB ID: 38432](https://vulners.com/osvdb/OSVDB:38432)\nISS X-Force ID: 36348\nGeneric Exploit URL: http://www.milw0rm.com/exploits/4340\n[CVE-2007-4636](https://vulners.com/cve/CVE-2007-4636)\nBugtraq ID: 25486\n", "modified": "2007-08-29T00:00:00", "published": "2007-08-29T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:38429", "id": "OSVDB:38429", "title": "phpBG intern/admin/other/backup.php URL rootdir Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:34", "bulletinFamily": "software", "description": "## Manual Testing Notes\n/intern/config/key_2.php?rootdir=Shell\n## References:\n[Related OSVDB ID: 38429](https://vulners.com/osvdb/OSVDB:38429)\n[Related OSVDB ID: 38431](https://vulners.com/osvdb/OSVDB:38431)\n[Related OSVDB ID: 38433](https://vulners.com/osvdb/OSVDB:38433)\n[Related OSVDB ID: 38430](https://vulners.com/osvdb/OSVDB:38430)\nISS X-Force ID: 36348\nGeneric Exploit URL: http://www.milw0rm.com/exploits/4340\n[CVE-2007-4636](https://vulners.com/cve/CVE-2007-4636)\nBugtraq ID: 25486\n", "modified": "2007-08-29T00:00:00", "published": "2007-08-29T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:38432", "id": "OSVDB:38432", "title": "phpBG intern/config/key_2.php URL rootdir Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:20:34", "bulletinFamily": "software", "description": "## Manual Testing Notes\n/intern/admin/?rootdir=Shell\n## References:\n[Related OSVDB ID: 38429](https://vulners.com/osvdb/OSVDB:38429)\n[Related OSVDB ID: 38431](https://vulners.com/osvdb/OSVDB:38431)\n[Related OSVDB ID: 38433](https://vulners.com/osvdb/OSVDB:38433)\n[Related OSVDB ID: 38432](https://vulners.com/osvdb/OSVDB:38432)\nISS X-Force ID: 36348\nGeneric Exploit URL: http://www.milw0rm.com/exploits/4340\n[CVE-2007-4636](https://vulners.com/cve/CVE-2007-4636)\nBugtraq ID: 25486\n", "modified": "2007-08-29T00:00:00", "published": "2007-08-29T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:38430", "id": "OSVDB:38430", "title": "phpBG intern/admin/ URL rootdir Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-01-31T20:41:31", "bulletinFamily": "exploit", "description": "phpBG 0.9.1 (rootdir) Remote File Inclusion Vulnerabilities. CVE-2007-4636. Webapps exploit for php platform", "modified": "2007-08-29T00:00:00", "published": "2007-08-29T00:00:00", "id": "EDB-ID:4340", "href": "https://www.exploit-db.com/exploits/4340/", "type": "exploitdb", "title": "phpBG 0.9.1 rootdir Remote File Inclusion Vulnerabilities", "sourceData": "# phpBG 0.9.1 (rootdir) Remote File Inclusion Vulnerability\n# D.Script: http://phpbg.sourceforge.net/\n# POC:\n# /intern/admin/other/backup.php?admin=1&rootdir=Shell\n# /intern/admin/?rootdir=Shell\n# /intern/clan/member_add.php?rootdir=Shell\n# /intern/config/key_2.php?rootdir=Shell\n# /intern/config/forum.php?rootdir=Shell\n# Discovered by: GoLd_M = [Mahmood_ali]\n# Thanx To : Tryag-Team & Asbmay's Group & All My Friends\n\n# milw0rm.com [2007-08-29]\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/4340/"}], "canvas": [{"lastseen": "2019-05-29T17:19:29", "bulletinFamily": "exploit", "description": "**Name**| phpbg_include \n---|--- \n**CVE**| CVE-2007-4636 \n**Exploit Pack**| [CANVAS](<http://http://www.immunityinc.com/products-canvas.shtml>) \n**Description**| phpBG Remote file inclusion \n**Notes**| CVSS: 7.5 \nRepeatability: Infinite \nVENDOR: phpbg \nCVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4636 \nCVE Name: CVE-2007-4636 \n\n", "modified": "2007-08-31T23:17:00", "published": "2007-08-31T23:17:00", "id": "PHPBG_INCLUDE", "href": "http://exploitlist.immunityinc.com/home/exploitpack/CANVAS/phpbg_include", "type": "canvas", "title": "Immunity Canvas: PHPBG_INCLUDE", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}