| Title | Remote code execution problem in DolphinPHPV1.5.1 |
|---|
| Description | A vulnerability classified as serious was found in DolphinPHP V1.5.1.
There are calls whose parameters can be manipulated by users_ user_ Func() method in common.php
Special processing of parameter ids can cause remote command execution
from http://www.dolphinphp.com/getDolphin.html Download the latest version of DolphinPHP V1.5.1 source code From the code audit,We can see that the code in /application/common.php has calls whose parameters can be controlled_ user_ Func method
the controllable parameters are param [1] and log [$param [0]] First, param is the value separated by | And value is actually the traversal of match [1] Match is through regular matching, action_ Info ['log']. This rule is the matching value in brackets, and the final $action_ Info is obtained from database query |
|---|
| Source | ⚠️ https://github.com/ssteveez/dolphin/blob/main/README.md |
|---|
| User | bydsteve (UID 41102) |
|---|
| Submission | 02/16/2023 04:16 (3 years ago) |
|---|
| Moderation | 02/21/2023 10:19 (5 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 221551 [DolphinPHP up to 1.5.1 Incomplete Fix CVE-2021-46097 common.php ID os command injection] |
|---|
| Reason | We can't reproduce this vulnerability. Please send a video showing the exploitation. |
|---|
| Points | 20 |
|---|