← back
CVE-2008-6543

CVE-2008-6543

EPSS 2.5%
Multiple PHP remote file inclusion vulnerabilities in ComScripts TEAM Quick Classifieds 1.0 via the DOCUMENT_ROOT parameter to (1) index.php3, (2) locate.php3, (3) search_results.php3, (4) classifieds/index.php3, and (5) classifieds/view.php3; (6) index.php3, (7) manager.php3, (8) pass.php3, (9) remember.php3 (10) sign-up.php3, (11) update.php3, (12) userSet.php3, and (13) verify.php3 in controlcenter/; (14) alterCats.php3, (15) alterFeatured.php3, (16) alterHomepage.php3, (17) alterNews.php3, (18) alterTheme.php3, (19) color_help.php3, (20) createdb.php3, (21) createFeatured.php3, (22) createHomepage.php3, (23) createL.php3, (24) createM.php3, (25) createNews.php3, (26) createP.php3, (27) createS.php3, (28) createT.php3, (29) index.php3, (30) mailadmin.php3, and (31) setUp.php3 in controlpannel/; (32) include/sendit.php3 and (33) include/sendit2.php3; and possibly (34) include/adminHead.inc, (35) include/usersHead.inc, and (36) style/default.scheme.inc.
Affected products
n/a · n/a
public PoCs found36
exploitdbwww.exploit-db.com/exploits/31479unverifiedexploitdbwww.exploit-db.com/exploits/31495unverifiedexploitdbwww.exploit-db.com/exploits/31503unverifiedexploitdbwww.exploit-db.com/exploits/31482unverifiedexploitdbwww.exploit-db.com/exploits/31483unverifiedexploitdbwww.exploit-db.com/exploits/31484unverifiedexploitdbwww.exploit-db.com/exploits/31485unverifiedexploitdbwww.exploit-db.com/exploits/31486unverifiedexploitdbwww.exploit-db.com/exploits/31487unverifiedexploitdbwww.exploit-db.com/exploits/31488unverifiedexploitdbwww.exploit-db.com/exploits/31489unverifiedexploitdbwww.exploit-db.com/exploits/31490unverifiedexploitdbwww.exploit-db.com/exploits/31491unverifiedexploitdbwww.exploit-db.com/exploits/31492unverifiedexploitdbwww.exploit-db.com/exploits/31493unverifiedexploitdbwww.exploit-db.com/exploits/31494unverifiedexploitdbwww.exploit-db.com/exploits/31496unverifiedexploitdbwww.exploit-db.com/exploits/31497unverifiedexploitdbwww.exploit-db.com/exploits/31498unverifiedexploitdbwww.exploit-db.com/exploits/31499unverifiedexploitdbwww.exploit-db.com/exploits/31500unverifiedexploitdbwww.exploit-db.com/exploits/31501unverifiedexploitdbwww.exploit-db.com/exploits/31502unverifiedexploitdbwww.exploit-db.com/exploits/31504unverifiedexploitdbwww.exploit-db.com/exploits/31505unverifiedexploitdbwww.exploit-db.com/exploits/31506unverifiedexploitdbwww.exploit-db.com/exploits/31507unverifiedexploitdbwww.exploit-db.com/exploits/31508unverifiedexploitdbwww.exploit-db.com/exploits/31509unverifiedexploitdbwww.exploit-db.com/exploits/31512unverifiedexploitdbwww.exploit-db.com/exploits/31510unverifiedexploitdbwww.exploit-db.com/exploits/31511unverifiedexploitdbwww.exploit-db.com/exploits/31513unverifiedexploitdbwww.exploit-db.com/exploits/31480unverifiedexploitdbwww.exploit-db.com/exploits/31481unverifiedexploitdbwww.exploit-db.com/exploits/31514unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/42469http://www.securityfocus.com/bid/28417http://www.securityfocus.com/bid/28417/exploit