Full Version: Vulnerabilities In Artmedic Hpmaker File Inclusion
qcred11
Apr 25 2004, 06:30 AM
QUOTE

VULNERABILITIES IN ARTMEDIC HPMAKER FILE INCLUSION VULNERABILITY


Affected software description:
-------------------------------

artmedic homepagemaker
author: artmedic webdesign
web: http://www.artmedic-webdesign.de/hp-maker/

Vulnerabilities:
-----------------

The vulnerable code is in the index.php script


-----------------------------------------------------------
<?php
if(!isset($_GET['p'])) {include("start.htm");}
else
{include("$_GET[p]");}
?>
-----------------------------------------------------------


Details :
-------

If the remote file is a malicious PHP script, this may allow for the execution
of attacker-supplied PHP code with the privileges of the web server. Successful
exploitation may provide unauthorized remote access to the attacker. This issue
may also be exploited to remotely view files on the vulnerable host.



Example:
-----------
An example of an HTTP request that can exploit this vulnerability is:

http://[victim_host]/index.php?p=../../../../../../../../etc/passwd
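
A hardened form of the index.php include shown in the advisory, as an added example that is not part of the original post or the vendor's code. The page keys and file names other than start.htm are hypothetical; the point is that the `p` parameter selects an entry from a fixed map and never becomes part of a path.

```php
<?php
// Added example, not artmedic code. Only start.htm comes from the advisory;
// the other page names are hypothetical.

// Fixed allowlist: request key => local file shipped with the site.
const PAGES = [
    'start'   => 'start.htm',
    'contact' => 'contact.htm', // hypothetical page
    'links'   => 'links.htm',   // hypothetical page
];

/**
 * Map the user-supplied "p" value to a file that is safe to include.
 * Unknown keys, arrays, URLs and traversal strings all fall back to the
 * default page because they are not keys in PAGES.
 */
function resolve_page($param, string $baseDir): string
{
    $key  = is_string($param) ? $param : 'start';
    $file = PAGES[$key] ?? PAGES['start'];

    // Defence in depth: the resolved path must exist and stay inside
    // $baseDir, even if a symlink or a bad map entry points elsewhere.
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $file);
    $prefix = $base . DIRECTORY_SEPARATOR;
    if ($base === false || $path === false
        || strncmp($path, $prefix, strlen($prefix)) !== 0) {
        http_response_code(404);
        exit('Page not found');
    }
    return $path;
}

// Same behaviour as the original script for legitimate pages.
// If the pages contain no PHP, readfile() can replace include here.
include resolve_page($_GET['p'] ?? 'start', __DIR__);
```

On current PHP, `allow_url_include` is off by default, which blocks the remote-file case but not the local traversal in the advisory's example request, so the allowlist is still needed.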
