← back
CVE-2013-1806

CVE-2013-1806

EPSS 7.8%
Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) user_theme parameter to maincore.php; or remote authenticated administrators to delete arbitrary files via the (2) enable parameter to administration/user_fields.php or (3) file parameter to administration/db_backup.php.
Affected products
n/a · n/a
public PoCs found2
cve_referencepacketstormsecurity.com/files/120598/PHP-Fusion-7.02.05-XSS-LFI-SQL-Injection.htmlunverifiedexploitdbwww.exploit-db.com/exploits/24562unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/120598/PHP-Fusion-7.02.05-XSS-LFI-SQL-Injection.htmlhttp://seclists.org/fulldisclosure/2013/Feb/154http://www.openwall.com/lists/oss-security/2013/03/03/1http://www.openwall.com/lists/oss-security/2013/03/03/2http://www.osvdb.org/90692http://www.osvdb.org/90694http://www.osvdb.org/90696http://www.php-fusion.co.uk/news.php?readmore=569http://www.waraxe.us/advisory-97.html