Project: Github flatCore/flatCore-CMS 20191112

Vulnerability: #9253365 (2019-11-12 09:27:14)

Warning

There are many false positives or unexploitable vulnerabilities. Please create a working PoC exploit before reporting anything to the vendor!

Details:

Sink PHP::echo
Risk _SERVER
/flatCore-CMS-master/install/php/form.php:7
1  <?php
2  if(!defined('INSTALLER')) {
3  	header("location:../login.php");
4  	die("PERMISSION DENIED!");
5  }
6  
7  $prefs_cms_domain = "http://$_SERVER[HTTP_HOST]";
8  $prefs_cms_ssl_domain = '';
9  $prefs_cms_base = dirname(dirname(htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES, "utf-8")));
Threat level 0

Callstack:

@INLINE::/flatCore-CMS-master/install/php/form.php /flatCore-CMS-master/install/php/form.php:45
25  
26  	<div class="form-group">
27  		<label class="col-sm-2 control-label"><?php echo $lang['email']; ?></label>
28  		<div class="col-sm-10">
29  			<input type="text" class="form-control" name="mail" value="">
30  		</div>
31  	</div>
32  	
33  	<div class="form-group">
34  		<label class="col-sm-2 control-label"><?php echo $lang['password']; ?></label>
35  		<div class="col-sm-10">
36  			<input type="password" class="form-control" name="psw" value="">
37  		</div>
38  	</div>
39  	
40  	<hr>
41  	
42  	<div class="form-group">
43  		<label class="col-sm-2 control-label"><?php echo $lang['prefs_cms_domain']; ?></label>
44  		<div class="col-sm-10">
45  			<input type="text" class="form-control" name="prefs_cms_domain" value="<?php echo"$prefs_cms_domain"; ?>">
46  		</div>
47  	</div>