header-logo
Suggest Exploit
vendor:
DansGuardian Module
by:
SecurityFocus
8.8
CVSS
HIGH
Remote File Inclusion
98
CWE
Product Name: DansGuardian Module
Affected Version From: 0.9.9.2
Affected Version To: 0.9.9.2
Patch Exists: YES
Related CWE: CVE-2002-1390
CPE: o:webmin:dansguardian_module
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
2002

A problem has been identified in the handling of input by scripts packaged with the DansGuardian Webmin Module

The DansGuardian Webmin Module is vulnerable to a Remote File Inclusion vulnerability due to improper input validation. This vulnerability allows an attacker to include a remote file, containing malicious code, which will be executed by the vulnerable server.

Mitigation:

The vendor has released a patch to address this vulnerability.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9394/info

A problem has been identified in the handling of input by scripts packaged with the DansGuardian Webmin Module. Because of this, it is possible for a remote to gain access to potentially sensitive information.

https://www.example.com:10000/dansguardian/edit.cgi?file=[FILE]

Navigation

Suggest Exploit

Services By CQR