NukeAI Util.PHP Remote Code Execution Vulnerability
BID:21284
Info
NukeAI Util.PHP Remote Code Execution Vulnerability
| Bugtraq ID: | 21284 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 24 2006 12:00AM |
| Updated: | Nov 28 2006 07:15PM |
| Credit: | The DeltahackingTEAM is credited with discovering this vulnerability. |
| Vulnerable: |
nukeai nukeai beta3 |
| Not Vulnerable: | |
Discussion
NukeAI Util.PHP Remote Code Execution Vulnerability
NukeAI is prone to an arbitrary remote code-execution vulnerability because the application fails to sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary PHP code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.
The beta3 version of this application is affected.
NukeAI is prone to an arbitrary remote code-execution vulnerability because the application fails to sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary PHP code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.
The beta3 version of this application is affected.
Exploit / POC
NukeAI Util.PHP Remote Code Execution Vulnerability
An exploit is not required.
The following exploit code is available:
An exploit is not required.
The following exploit code is available:
Solution / Fix
NukeAI Util.PHP Remote Code Execution Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].