CVE-2003-1412

GONiCUS System Administrator 1.0 - Remote Code Execution via Plugin Parameter


Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-1412. PoCs published by Karol Wiesek.

AI-analyzed exploit summary: The exploit describes a remote file inclusion vulnerability in GONiCUS System Administrator, allowing attackers to include malicious files from external servers via crafted URI parameters. This can lead to arbitrary command execution in the context of the web server.

Description

PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0 allows remote attackers to execute arbitrary PHP code via the plugin parameter to (1) 3fax/1blocklists/index.php; (2) 6departamentadmin/index.php, (3) 5terminals/index.php, (4) 4mailinglists/index.php, (5) 3departaments/index.php, and (6) 2groupd/index.php in 2administration/; or (7) the base parameter to include/help.php.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Karol Wiesek · text · webapps · php
https://www.exploit-db.com/exploits/22279


Classification: Writeup 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Theoretical
Target: GONiCUS System Administrator Version 1
No auth needed
Prerequisites: Access to the vulnerable web application · Ability to host a malicious file on an external server
devstral-2 · analyzed Feb 16, 2026

References (6)

Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/8120
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/11408
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/313282/30/25760/threaded
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6922
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1006162

Scores

EPSS 0.0269
EPSS Percentile 83.9%

Details

CWE CWE-94
Status published
Products (1)
gonicus/gonicus_system_administration 1.0
Published Dec 31, 2003
Tracked Since Feb 18, 2026