Coppermine 1.5.42: Second-Order Command Execution

11 min read 2 Dec 2016 by Martin Bednorz
The second gift in our advent calendar contains descriptions of vulnerabilities in Coppermine, a very popular picture gallery application written in PHP and in active development since 2003. It consists of ~160,000 lines of code (a medium-sized web application) and is downloaded roughly 1,200 times per week.

FreePBX 13: From Cross-Site Scripting to Remote Command Execution

11 min read 1 Dec 2016 by Hendrik Buchwald
FreePBX is a web-based graphical user interface that helps users to manage voice-over-IP services. With over one million production systems using FreePBX worldwide it is the most widely deployed open-source PBX (Private Branch Exchange) platform. Since FreePBX is written completely in PHP, we decided to throw it into our code analysis tool RIPS. The results were surprising…

Announcing the Advent of PHP Application Vulnerabilities

4 min read 25 Nov 2016 by Martin Bednorz
As the year is slowly coming to an end and the Christmas decorations are starting to brighten up the streets, we at RIPS Technologies decided to give back to the wonderful community. Starting on December 1st, we are going to open one gift of our advent calendar each day until the 24th. Our gifts are technical blog posts about real-world security vulnerabilities in popular applications.