vendor:
TopperMod
by:
GiReX
7.5
CVSS
HIGH
Local File Inclusion
98
CWE
Product Name: TopperMod
Affected Version From: TopperMod v1.0
Affected Version To: TopperMod v1.0
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
TopperMod v1.0 Local File Inclusion
TopperMod v1.0 is vulnerable to Local File Inclusion. The vulnerability exists due to the lack of sanitization of the 'to' parameter in the 'mod.php' script. An attacker can exploit this vulnerability to include arbitrary local files, leading to the disclosure of sensitive information and/or the execution of arbitrary code.
Mitigation:
Input validation should be used to prevent the exploitation of this vulnerability.