PHP file inclusion in bumsys
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2023-2551 |
| CWE-ID | CWE-98 |
| Exploitation vector | Network |
| Public exploit | Vulnerability #1 is being exploited in the wild. |
| Vulnerable software Subscribe |
Bumsys Web applications / Modules and components for CMS |
| Vendor | unilogies |
Security Bulletin
This security bulletin contains one high risk vulnerability.
1) PHP file inclusion
EUVDB-ID: #VU83293
Risk: High
CVSSv3.1: 8.4 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID: CVE-2023-2551
CWE-ID:
CWE-98 - Improper Control of Filename for Include/Require Statement in PHP Program
Exploit availability: No
DescriptionThe vulnerability allows a remote user to include and execute arbitrary PHP files on the server.
The vulnerability exists due to incorrect input validation when including PHP files. A remote user with a valid API key can send a specially crafted HTTP request to the affected application, include and execute arbitrary PHP code on the system with privileges of the web server.
MitigationInstall updates from vendor's website.
Vulnerable software versionsBumsys: 1.0.1 - 2.0.2
External linkshttp://github.com/unilogies/bumsys/commit/86e29dd23df348ec6075f0c0de8e06b8d9fb0a9a
http://huntr.dev/bounties/5723613c-55c6-4f18-9ed3-61ad44f5de9c
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
Yes. This vulnerability is being exploited in the wild.
