Security Advisory: PHP-Fusion-AP-7.00.2-Rus (search.php) disclosure ways

[EN] securityvulns.ru
no-pyccku

Related information
  Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
  Pars CMS SQL Injection Vulnerability
  Zigurrat CMS SQL Injection Vulnerability
  Ananta Gazelle SQL Injection Vulnerability
  [SECURITY] [DSA 2016-1] New drupal6 packages fix several vulnerabilities

From: Inj3ct0r.com <inj3ct0r_(at)_list.ru>
Date: 15.03.2010
Subject: PHP-Fusion-AP-7.00.2-Rus (search.php) disclosure ways

=====================================================
PHP-Fusion-AP-7.00.2-Rus (search.php) disclosure ways
=====================================================

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /' \            __ /'__`\        /\ \__ /'__`\                   0
0 /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \ _ ___           1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\          0
0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
0       \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/           1
1                  \ \____/ >> Exploit database separated by exploit   0
0                   \/___/          type (local, remote, DoS, etc.)    1
1                                                                      0
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1

#[+] Discovered By   : Inj3ct0r
#[+] Site            : Inj3ct0r.com
#[+] support e-mail : submit[at]inj3ct0r.com

Site: www.alipapa.com.ua
Product: PHP-Fusion
Version: PHP-Fusion-AP-7.00.2-Rus

Disclosure ways. Error in file search.php

PHP code:

if (isset($_GET['stext']))
{
   if (is_array($_GET['stext']))
   {
       redirect(FUSION_SELF);
   }
   else
   {
       $_GET['stext'] = urlencode(stripinput($_GET['stext']));
   }
}
else
{
   $_GET['stext'] = "";
}

Example:

http://alipapa.com.ua/search.php?stext []

# ~ - [ [ : Inj3ct0r : ] ]

test server