Published: 2004-12-31 00:00:00
Revised: 2017-07-10 21:31:08

[Original] PHP remote file inclusion vulnerability in livre_include.php in @lex Guestbook allows remote attackers to execute arbitrary PHP code by modifying the chem_absolu parameter to reference a URL on a remote web server that contains the code.

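[CNNVD] lexPHPTeam lex Guestbook remote PHP file inclusion vulnerability (CNNVD-200412-632)

        livre_include.php in lex Guestbook has a PHP remote file inclusion vulnerability. A remote attacker can execute arbitrary PHP code by modifying the chem_absolu parameter to reference a URL on a remote web server that contains the code.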

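- CVSS (Base Score)

CVSS score: 7.5 [Severe (HIGH)]
Confidentiality impact: [--]
Integrity impact: [--]
Availability impact: [--]
Attack complexity: [--]
Attack vector: [--]
Authentication: [--]

- CPE (Affected Platforms and Products)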


- OVAL (Technical Details for Detection)


- Official Database Links
(Official data source) MITRE
(Official data source) NVD
(Official data source) CNNVD

- Other Links and Resources
(UNKNOWN)  BUGTRAQ  20040926 @lex Guestbook (PHP) Include file
(PATCH)  BID  11260
(UNKNOWN)  XF  @lex-guestbook-file-include(17516)

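- Vulnerability Information

lexPHPTeam lex Guestbook remote PHP file inclusion vulnerability
High risk  Input validation
2004-12-31 00:00:00 2006-09-28 00:00:00
        livre_include.php in lex Guestbook has a PHP remote file inclusion vulnerability. A remote attacker can execute arbitrary PHP code by modifying the chem_absolu parameter to reference a URL on a remote web server that contains the code.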

- Advisories and Patches

        This issue has been addressed in version 3.13 of the software.
        @lexPHPTeam @lex Guestbook 3.12

- Vulnerability Information (24638)

@lexPHPTeam @lex Guestbook 3.12 Remote PHP File Include Vulnerability (EDBID:24638)
php webapps
2004-09-27 Verified
0 Himeur Nourredine
N/A

A vulnerability is reported to exist in the @lexPHPTeam @lex Guestbook software that may allow an attacker to include malicious PHP files containing arbitrary code to be executed on a vulnerable system. The issue exists due to improper validation of user-supplied data.

Remote attackers could potentially exploit this issue via a vulnerable variable to include a remote malicious PHP script, which will be executed in the context of the web server hosting the vulnerable software.

[attacker]/file.ext%3f

- Vulnerability Information

@lex Guestbook livre_include.php chem_absolu Parameter Remote File Inclusion
Remote / Network Access Input Manipulation
Loss of Integrity
Exploit Public

- Vulnerability Description

@lex Guestbook contains a flaw that may allow a remote attacker to execute arbitrary commands or code. The issue is due to the 'livre_include.php' script not properly sanitizing user input supplied to the 'chem_absolu' parameter. This may allow an attacker to include a file from a third-party remote host that contains commands or code that will be executed by the vulnerable script with the same privileges as the web server.

- Timeline

2004-09-28 Unknown
2004-09-28 Unknown

- Solution


Unknown or Incomplete

- Related References

- Vulnerability Author

Unknown or Incomplete