EasyPHP 'index.php' Authentication Bypass and Remote PHP Code Injection Vulnerability
BID:58945
Info
EasyPHP 'index.php' Authentication Bypass and Remote PHP Code Injection Vulnerability
| Bugtraq ID: | 58945 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 09 2013 12:00AM |
| Updated: | Apr 09 2013 12:00AM |
| Credit: | KedAns-Dz |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
EasyPHP 'index.php' Authentication Bypass and Remote PHP Code Injection Vulnerability
EasyPHP is prone to an authentication bypass and a PHP code execution vulnerability.
Attackers may exploit these issues to gain unauthorized access to the affected application and perform arbitrary actions or execute arbitrary PHP code within the context of the web server process. Successful attacks can compromise the affected application and possibly the underlying computer.
EasyPHP 12.1 is vulnerable; other versions may also be affected.
EasyPHP is prone to an authentication bypass and a PHP code execution vulnerability.
Attackers may exploit these issues to gain unauthorized access to the affected application and perform arbitrary actions or execute arbitrary PHP code within the context of the web server process. Successful attacks can compromise the affected application and possibly the underlying computer.
EasyPHP 12.1 is vulnerable; other versions may also be affected.
Exploit / POC
EasyPHP 'index.php' Authentication Bypass and Remote PHP Code Injection Vulnerability
Attackers can use a browser to exploit this issue.
The following example URIs are available:
http://www.example.com/home/index.php?to=ext
http://www.example.com/home/index.php?to=phpinfo
Attackers can use a browser to exploit this issue.
The following example URIs are available:
http://www.example.com/home/index.php?to=ext
http://www.example.com/home/index.php?to=phpinfo
Solution / Fix
EasyPHP 'index.php' Authentication Bypass and Remote PHP Code Injection Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
EasyPHP 'index.php' Authentication Bypass and Remote PHP Code Injection Vulnerability
References:
References:
- Vendor Homepage (EasyPHP)