Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2009-0932 PoC — Debian Horde Image.php本地文件包含漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2009/CVE-2009-0932.yaml
Associated Vulnerability
Title:Debian Horde Image.php本地文件包含漏洞 (CVE-2009-0932)
Description:Horde Framework是个以PHP为基础的架构,用来创建网络应用程式。 Horde没有正确地过滤对framework/Image/Image.php脚本所传送的输入便用于包含文件,远程攻击者可以通过在Horde_Image驱动名称中设置目录遍历序列导致包含和执行任意本地文件。
Description
Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 are susceptible to local file inclusion in framework/Image/Image.php because it allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.
File Snapshot

 id: CVE-2009-0932

info:
  name: Horde/Horde Groupware - Local File Inclusion
  author: pikpikcu
  s

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.