← volver
CVE-2008-6543

CVE-2008-6543

EPSS 2.5%
Multiple PHP remote file inclusion vulnerabilities in ComScripts TEAM Quick Classifieds 1.0 via the DOCUMENT_ROOT parameter to (1) index.php3, (2) locate.php3, (3) search_results.php3, (4) classifieds/index.php3, and (5) classifieds/view.php3; (6) index.php3, (7) manager.php3, (8) pass.php3, (9) remember.php3 (10) sign-up.php3, (11) update.php3, (12) userSet.php3, and (13) verify.php3 in controlcenter/; (14) alterCats.php3, (15) alterFeatured.php3, (16) alterHomepage.php3, (17) alterNews.php3, (18) alterTheme.php3, (19) color_help.php3, (20) createdb.php3, (21) createFeatured.php3, (22) createHomepage.php3, (23) createL.php3, (24) createM.php3, (25) createNews.php3, (26) createP.php3, (27) createS.php3, (28) createT.php3, (29) index.php3, (30) mailadmin.php3, and (31) setUp.php3 in controlpannel/; (32) include/sendit.php3 and (33) include/sendit2.php3; and possibly (34) include/adminHead.inc, (35) include/usersHead.inc, and (36) style/default.scheme.inc.
Productos afectados
n/a · n/a
PoCs públicas encontradas36
exploitdbwww.exploit-db.com/exploits/31479no verificadoexploitdbwww.exploit-db.com/exploits/31495no verificadoexploitdbwww.exploit-db.com/exploits/31503no verificadoexploitdbwww.exploit-db.com/exploits/31482no verificadoexploitdbwww.exploit-db.com/exploits/31483no verificadoexploitdbwww.exploit-db.com/exploits/31484no verificadoexploitdbwww.exploit-db.com/exploits/31485no verificadoexploitdbwww.exploit-db.com/exploits/31486no verificadoexploitdbwww.exploit-db.com/exploits/31487no verificadoexploitdbwww.exploit-db.com/exploits/31488no verificadoexploitdbwww.exploit-db.com/exploits/31489no verificadoexploitdbwww.exploit-db.com/exploits/31490no verificadoexploitdbwww.exploit-db.com/exploits/31491no verificadoexploitdbwww.exploit-db.com/exploits/31492no verificadoexploitdbwww.exploit-db.com/exploits/31493no verificadoexploitdbwww.exploit-db.com/exploits/31494no verificadoexploitdbwww.exploit-db.com/exploits/31496no verificadoexploitdbwww.exploit-db.com/exploits/31497no verificadoexploitdbwww.exploit-db.com/exploits/31498no verificadoexploitdbwww.exploit-db.com/exploits/31499no verificadoexploitdbwww.exploit-db.com/exploits/31500no verificadoexploitdbwww.exploit-db.com/exploits/31501no verificadoexploitdbwww.exploit-db.com/exploits/31502no verificadoexploitdbwww.exploit-db.com/exploits/31504no verificadoexploitdbwww.exploit-db.com/exploits/31505no verificadoexploitdbwww.exploit-db.com/exploits/31506no verificadoexploitdbwww.exploit-db.com/exploits/31507no verificadoexploitdbwww.exploit-db.com/exploits/31508no verificadoexploitdbwww.exploit-db.com/exploits/31509no verificadoexploitdbwww.exploit-db.com/exploits/31512no verificadoexploitdbwww.exploit-db.com/exploits/31510no verificadoexploitdbwww.exploit-db.com/exploits/31511no verificadoexploitdbwww.exploit-db.com/exploits/31513no verificadoexploitdbwww.exploit-db.com/exploits/31480no verificadoexploitdbwww.exploit-db.com/exploits/31481no verificadoexploitdbwww.exploit-db.com/exploits/31514no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://exchange.xforce.ibmcloud.com/vulnerabilities/42469http://www.securityfocus.com/bid/28417http://www.securityfocus.com/bid/28417/exploit