Magic Photo Storage Website - user/user_membership_password.php _config[site_path] Parameter Remote File Inclusion

CVE编号

CVE-2007-0182

利用情况

暂无

补丁情况

N/A

披露时间

2007-01-12

漏洞描述

Multiple PHP remote file inclusion vulnerabilities in magic photo storage website allow remote attackers to execute arbitrary PHP code via a URL in the _config[site_path] parameter to (1) admin_password.php, (2) add_welcome_text.php, (3) admin_email.php, (4) add_templates.php, (5) admin_paypal_email.php, (6) approve_member.php, (7) delete_member.php, (8) index.php, (9) list_members.php, (10) membership_pricing.php, or (11) send_email.php in admin/; (12) config.php or (13) db_config.php in include/; or (14) add_category.php, (15) add_news.php, (16) change_catalog_template.php, (17) couple_milestone.php, (18) couple_profile.php, (19) delete_category.php, (20) index.php, (21) login.php, (22) logout.php, (23) register.php, (24) upload_photo.php, (25) user_catelog_password.php, (26) user_email.php, (27) user_extend.php, or (28) user_membership_password.php in user/. NOTE: the include/common_function.php vector is already covered by another candidate from the same date.

解决建议

建议您更新当前系统或软件至最新版，完成漏洞的修复。

参考链接
http://securityreason.com/securityalert/2136
http://www.osvdb.org/32668
http://www.osvdb.org/33411
http://www.osvdb.org/33412
http://www.osvdb.org/33413
http://www.osvdb.org/33414
http://www.osvdb.org/33415
http://www.osvdb.org/33416
http://www.osvdb.org/33417
http://www.osvdb.org/33418
http://www.osvdb.org/33419
http://www.osvdb.org/33420
http://www.osvdb.org/33421
http://www.osvdb.org/33422
http://www.osvdb.org/33423
http://www.osvdb.org/33425
http://www.osvdb.org/33426
http://www.osvdb.org/33427
http://www.osvdb.org/33428
http://www.osvdb.org/33429
http://www.osvdb.org/33430
http://www.osvdb.org/33431
http://www.osvdb.org/33432
http://www.osvdb.org/33433
http://www.osvdb.org/33434
http://www.osvdb.org/33435
http://www.osvdb.org/33436
http://www.osvdb.org/33437
http://www.osvdb.org/33438
http://www.osvdb.org/33439
http://www.securityfocus.com/archive/1/456389/100/0/threaded
http://www.securityfocus.com/bid/21965

受影响软件情况

#	类型	厂商	产品	版本	影响面
1
	运行在以下环境
	应用	scriptaty	magic_photo_storage_website	*	-

CVSS3评分 7.5

• 攻击路径 网络
• 攻击复杂度 低
• 权限要求 无
• 影响范围 N/A
• 用户交互 无
• 可用性 部分地
• 保密性 部分地
• 完整性 部分地

AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-ID	漏洞类型
NVD-CWE-Other

Exp相关链接

• https://www.exploit-db.com/exploits/29407
• https://www.exploit-db.com/exploits/29408
• https://www.exploit-db.com/exploits/29409
• https://www.exploit-db.com/exploits/29410
• https://www.exploit-db.com/exploits/29411
• https://www.exploit-db.com/exploits/29412
• https://www.exploit-db.com/exploits/29413
• https://www.exploit-db.com/exploits/29414
• https://www.exploit-db.com/exploits/29415
• https://www.exploit-db.com/exploits/29416
• https://www.exploit-db.com/exploits/29417
• https://www.exploit-db.com/exploits/29418
• https://www.exploit-db.com/exploits/29419
• https://www.exploit-db.com/exploits/29420
• https://www.exploit-db.com/exploits/29421
• https://www.exploit-db.com/exploits/29422
• https://www.exploit-db.com/exploits/29423
• https://www.exploit-db.com/exploits/29424
• https://www.exploit-db.com/exploits/29425
• https://www.exploit-db.com/exploits/29426
• https://www.exploit-db.com/exploits/29427
• https://www.exploit-db.com/exploits/29428
• https://www.exploit-db.com/exploits/29429
• https://www.exploit-db.com/exploits/29430
• https://www.exploit-db.com/exploits/29431
• https://www.exploit-db.com/exploits/29432
• https://www.exploit-db.com/exploits/29433
• https://www.exploit-db.com/exploits/29434

- avd.aliyun.com