CVE-2009-3760
Citrix XenCenterWeb - Remote Code Execution via config/writeconfig.php Pool1 Parameter
Exploitation Summary
EIP tracks 1 public exploit for CVE-2009-3760. PoCs published by Secure Network.
AI-analyzed exploit summary: This advisory details multiple vulnerabilities in Citrix XenCenterWeb, including XSS, CSRF, SQL injection, and remote command execution. It provides technical explanations and proof-of-concept URLs for each vulnerability.
Description
Static code injection vulnerability in config/writeconfig.php in the sample code in the XenServer Resource Kit in Citrix XenCenterWeb allows remote attackers to inject arbitrary PHP code into include/config.ini.php via the pool1 parameter. NOTE: some of these details are obtained from third party information.