CVE-2013-1806

php-fusion < 7.02.06 - Authenticated Path Traversal and Arbitrary File Execution

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2013-1806.

AI-analyzed exploit summary This is a detailed technical writeup describing multiple vulnerabilities in PHP-Fusion 7.02.05, including Local File Inclusion (LFI) and SQL Injection (SQLi) flaws. It provides root cause analysis, affected code paths, and exploitation conditions.

Description

Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) user_theme parameter to maincore.php; or remote authenticated administrators to delete arbitrary files via the (2) enable parameter to administration/user_fields.php or (3) file parameter to administration/db_backup.php.

Exploits (1)

exploitdb WRITEUP

webappsphp

https://www.exploit-db.com/exploits/24562

View Code ZIP pw:eip

This is a detailed technical writeup describing multiple vulnerabilities in PHP-Fusion 7.02.05, including Local File Inclusion (LFI) and SQL Injection (SQLi) flaws. It provides root cause analysis, affected code paths, and exploitation conditions.

Classification

Writeup 100%

Attack Type

Lfi | Sqli

Complexity

Moderate

Reliability

Reliable

Target: PHP-Fusion 7.02.05

Auth required

Prerequisites: Valid user/admin credentials · PHP < 5.3.4 for LFI · magic_quotes_gpc=off for SQLi

MITRE ATT&CK