CVE-2005-4317

limbo_cms < 1.0.4.2 - Cross-Site Scripting and Remote Code Execution via _SERVER[REMOTE_ADDR]

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-4317. PoCs published by rgod.

AI-analyzed exploit summary The provided text describes multiple input validation vulnerabilities in Limbo CMS, including XSS, SQL injection, and local file inclusion. It includes a proof-of-concept URL demonstrating an XSS attack via the `_SERVER` parameter.

Description

Limbo CMS 1.0.4.2 and earlier, with register_globals off, does not protect the $_SERVER variable from external modification, which allows remote attackers to use the _SERVER[REMOTE_ADDR] parameter to (1) conduct cross-site scripting (XSS) attacks in the stats module or (2) execute arbitrary code via an eval injection attack in the wrapper option in index2.php.

Exploits (1)

exploitdb WRITEUP VERIFIED

by rgod · textwebappsphp

https://www.exploit-db.com/exploits/26836

View Code ZIP pw:eip

The provided text describes multiple input validation vulnerabilities in Limbo CMS, including XSS, SQL injection, and local file inclusion. It includes a proof-of-concept URL demonstrating an XSS attack via the `_SERVER` parameter.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Limbo CMS versions 1.0.4.2 and prior

No auth needed

Prerequisites: Access to a vulnerable Limbo CMS instance

MITRE ATT&CK