Project: Github flatCore/flatCore-CMS 20191112

Vulnerability: #9253366 (2019-11-12 09:27:14)

Warning

There are many false positives, or unexploitable vulnerabilities. Please create working "PoC" exploit before reporting anything to vendor!

Details:

Sink PDO::query
Risk _SERVER
/flatCore-CMS-master/install/php/form.php:7 (show/hide source)
1  <?php
2  if(!defined('INSTALLER')) {
3  	header("location:../login.php");
4  	die("PERMISSION DENIED!");
5  }
6  
7 $prefs_cms_domain = "http://$_SERVER[HTTP_HOST]";
8 $prefs_cms_ssl_domain = ''; 9 $prefs_cms_base = dirname(dirname(htmlspecialchars($_SERVER['PHP_SELF'],ENT_QUOTES, "utf-8")));
Threat level 0

Callstack:

@INLINE::/flatCore-CMS-master/install/php/createDB.php /flatCore-CMS-master/install/php/createDB.php:177 (show/hide source)
157  $dbh = new PDO("sqlite:../$fc_db_content");
158  
159  	$dbh->query($sql_pages_table);
160  	$dbh->query($sql_pages_cache_table);
161  	$dbh->query($sql_preferences_table);
162  	$dbh->query($sql_textlib_table);
163  	$dbh->query($sql_comments_table);
164  	$dbh->query($sql_media_table);
165  	$dbh->query($sql_feeds_table);
166  	$dbh->query($sql_portal_site);
167  	$dbh->query($sql_first_site);
168  	$dbh->query($sql_tl_footer_text);
169  	$dbh->query($sql_tl_extra_content_text);
170  	$dbh->query($sql_tl_agreement_text);
171  	$dbh->query($sql_tl_account_confirm);
172  	$dbh->query($sql_tl_account_confirm_mail);
173  	$dbh->query($sql_tl_no_access);
174  	$dbh->query($sql_labels_table);
175  	$dbh->query($sql_addons_table);
176  
177 $dbh->query($sql_insert_prefs);
178 179 $dbh = null;