| Title | Remote code execution problem in DolphinPHP V1.5.1 |
|---|---|
| Description | A vulnerability classified as serious was found in DolphinPHP V1.5.1. There is a call_user_func() call in common.php whose parameters can be manipulated by users. Special processing of the parameter ids can cause remote command execution. Download the latest version of the DolphinPHP V1.5.1 source code from http://www.dolphinphp.com/getDolphin.html. From the code audit, we can see that the code in /application/common.php has a call_user_func call whose parameters can be controlled. The controllable parameters are param[1] and log[$param[0]]. First, param is the value separated by \|, and value is actually the traversal of match[1]. match is obtained through regular-expression matching on action_info['log']. This rule is the matching value in brackets, and the final $action_info is obtained from a database query. |
| Source | ⚠️ https://github.com/ssteveez/dolphin/blob/main/README.md |
| User | bydsteve (UID 41102) |
| Submitted | 2023-02-16 04:16 (3 years ago) |
| Moderation | 2023-02-21 10:19 (5 days later) |
| Status | Accepted |
| VulDB entry | 221551 [DolphinPHP up to 1.5.1 Incomplete Fix CVE-2021-46097 common.php identifier privilege escalation] |
| Reason | We can't reproduce this vulnerability. Please send a video showing the exploitation. |
| Points | 20 |