PHP Include Exploit in Mail Manage EX v3.1.8 and maybe others.
From: JvdR (thewarlockhome.nl)
Date: Thu Jun 03 2004 - 10:36:44 CDT
Description: PHP Include Exploit in Mail Manage EX v3.1.8
Compromise: a malicious PHP script from an external host may be included and
Vulnerable Systems: all systems using mmex.php v3.1.8 and maybe lower (not
The PHP include exploit exists in the following code:
# Register Globals
$Settings = $_REQUEST['Settings'];
$Refresh = $_REQUEST['Refresh'];
$FormRecipient = $_REQUEST['Recipient'];
$EMAIL = $_REQUEST['email'];
$EMAIL = $_REQUEST['Email'];
$EMAIL = $_REQUEST['E_mail'];
$EMAIL = $_REQUEST['e_mail'];
$EMAIL = $_REQUEST['email_address'];
$EMAIL = $_REQUEST['Email_Address'];
$EMAIL = $_REQUEST['Email_address'];
# CHECK SETTINGS & FORM RECIPIENT
exit ("<b>No settings were found for this form.</b>");
$Include = include($Settings);
exit ("<b>Incorrect settings filename in your form or specified file does
"$Settings" can be used to Include malicious PHP code.
How to exploit this bug?
malicious.php is executed by the target.
No solution provided.
Gregg Kenneth Jewell of "Mail Manage EX" is informed.
Jan van de Rijt aka The Warlock.
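
A hardened form of the settings lookup quoted above, as an added example that is not part of the original advisory or of Mail Manage EX. The SETTINGS_DIR directory, the ".settings.php" suffix and the function name resolve_settings_file are assumptions made for illustration.

```php
<?php
// Added example: resolve a form's settings file without handing request data to include().
// SETTINGS_DIR and the ".settings.php" suffix are assumptions, not Mail Manage EX conventions.

const SETTINGS_DIR = __DIR__ . '/settings';

/**
 * Map a request-supplied settings name to a file directly inside $dir.
 * Returns the absolute path, or null when the name is not acceptable.
 */
function resolve_settings_file($name, string $dir = SETTINGS_DIR): ?string
{
    // Reject arrays (Settings[]=...) and anything but a short plain identifier:
    // no slashes, dots, colons or NUL bytes, so no URLs, stream wrappers or traversal.
    if (!is_string($name) || !preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $name)) {
        return null;
    }

    $base = realpath($dir);
    if ($base === false) {
        return null;
    }

    // realpath() resolves symlinks; the result must still sit directly in $base.
    $path = realpath($base . DIRECTORY_SEPARATOR . $name . '.settings.php');
    if ($path === false || dirname($path) !== $base || !is_file($path)) {
        return null;
    }

    return $path;
}

$file = resolve_settings_file($_REQUEST['Settings'] ?? null);
if ($file === null) {
    http_response_code(400);
    exit('<b>No settings were found for this form.</b>');
}

// The included path is now a local file chosen from a fixed directory,
// never a string taken verbatim from the request.
$config = include $file;
```

As defence in depth, keep allow_url_include set to Off in php.ini so that include() cannot fetch remote URLs even if a path check is bypassed.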