CVE-2007-1415 – PMB Services 3.0.13 - Multiple Remote File Inclusions

https://notcve.org/view.php?id=CVE-2007-1415

Multiple PHP remote file inclusion vulnerabilities in PMB Services 3.0.13 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) class_path parameter to (a) includes/resa_func.inc.php (b) admin/notices/perso.inc.php, or (c) admin/quotas/main.inc.php; the (2) base_path parameter to (d) opac_css/rec_panier.php or (e) opac_css/includes/author_see.inc.php; or the (3) include_path parameter to (f) bull_info.inc.php or (g) misc.inc.php in includes/; (h) options_date_box.php, (i) options_file_box.php, (j) options_list.php, (k) options_query_list.php, or (l) options_text.php in includes/options/; (m) options.php, (n) options_comment.php, (o) options_date_box.php, (p) options_list.php, (q) options_query_list.php, or (r) options_text.php in includes/options_empr/; or (s) admin/import/iimport_expl.php, (t) admin/netbase/clean.php, (u) admin/param/param_func.inc.php, (v) admin/sauvegarde/lieux.inc.php, (w) autorites.php, (x) account.php, (y) cart.php, or (z) edit.php. Las múltiples vulnerabilidades de inclusión de archivos remotos de PHP en PMB Services versiones 3.0.13 y anteriores, permiten que los atacantes remotos ejecuten código PHP arbitrario por medio de una URL en el (1) parámetro class_path en los archivos (a) includes/resa_func.inc.php (b) admin/notices/perso.inc.php, o (c) admin/quotas/main.inc.php; el (2) parámetro base_path en los archivos (d) opac_css/rec_panier.php o (e) opac_css/includes/author_see.inc.php; o el (3) parámetro include_path en los archivos (f) bull_info.inc.php o (g) misc.inc.php en includes/; (h) options_date_box.php, (i) options_file_box.php, (j) options_list.php, (k) options_query_list.php, o (l) options_text.php en includes/options/; (m) options.php, (n) options_comment.php, (o) options_date_box.php, (p) options_list.php, (q) options_query_list.php, o (r) options_text.php in incluye/options_empr/; o (s) admin/import/iimport_expl.php, (t) admin/netbase/clean.php, (u) admin/param/param_func.inc.php, (v) admin/sauvegarde/lieux.inc.php, ( w) autorites.php, (x) account.php, (y) cart.php o (z) edit.php. • https://www.exploit-db.com/exploits/3443 http://advisories.echo.or.id/adv/adv68-K-159-2007.txt http://www.osvdb.org/35101 http://www.osvdb.org/35102 http://www.osvdb.org/35103 http://www.osvdb.org/35104 http://www.osvdb.org/35105 http://www.osvdb.org/35106 http://www.osvdb.org/35107 http://www.osvdb.org/35108 http://www.osvdb.org/35109 http://www.osvdb.org/35110 http://www.osvdb.org/35111 http://www.osvdb.org/35112 http: • CWE-94: Improper Control of Generation of Code ('Code Injection') •