vendor:
by: mozi
CVSS: 7.5 HIGH
Remote File Inclusion (RFI)
CWE: 98
Product Name:
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
modifyform RFI
This exploit allows an attacker to include remote files in a vulnerable web application through the code parameter of modifyform.html (modifyform.html?code=). By manipulating the code parameter, an attacker can execute arbitrary code or disclose sensitive information from remote servers.
Mitigation:
To mitigate this vulnerability, the application should properly validate and sanitize user input before using it to include files. Additionally, access controls should be in place to restrict unauthorized access to sensitive files.