Vulnerability & Exploit Database

Back to search

DataLife Engine preview.php PHP Code Injection

This module exploits a PHP code injection vulnerability DataLife Engine 9.7. The vulnerability exists in preview.php, due to an insecure usage of preg_replace() with the e modifier, which allows to inject arbitrary php code, when there is a template installed which contains a [catlist] or [not-catlist] tag, even when the template isn't in use currently. The template can be configured with the TEMPLATE datastore option.

Free Metasploit Download

Get your copy of the world's leading penetration testing tool

 Download Now

Module Name

exploit/unix/webapp/datalife_preview_exec

Authors

  • EgiX
  • juan vazquez <juan.vazquez [at] metasploit.com>

References

Targets

  • DataLife Engine 9.7

Platforms

  • php

Architectures

  • php

Reliability

Development

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use exploit/unix/webapp/datalife_preview_exec msf exploit(datalife_preview_exec) > show targets ...targets... msf exploit(datalife_preview_exec) > set TARGET <target-id> msf exploit(datalife_preview_exec) > show options ...show and set options... msf exploit(datalife_preview_exec) > exploit