header-logo
Suggest Exploit
vendor:
barryvancompo
by:
MhZ91
7.5
CVSS
HIGH
Remote File Inclusion
94
CWE
Product Name: barryvancompo
Affected Version From: 0.3
Affected Version To: 0.3
Patch Exists: YES
Related CWE: N/A
CPE: a:barryvancompo:barryvancompo:0.3
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

barryvancompo-0.3 Remote File Inclusion

The barryvan compo manager is a PHP, Smarty and MySQL-based system for running, organising, and maintaining competitions. It is particularly designed for use within the computer music 'scene'. The barryvan compo manager presents a variable 'pageURL' not definited in the main.php file (and all files require it). This can be exploited by passing an evil code in the 'pageURL' variable, for example http://www.example.com/main.php?pageURL=[Evil_Code].

Mitigation:

Input validation should be used to prevent the execution of malicious code.
Source

Exploit-DB raw data:

--==+================================================================================+==--
--==+		barryvancompo-0.3 Remote File Inclusion                              +==--
--==+================================================================================+==--

 Author: MhZ91
 Title: barryvancompo-0.3 Remote File Inclusion 
 Download: http://sourceforge.net/projects/barryvancompo/
 Bug: Remote File Inclusion
 Info: The barryvan compo manager is a PHP, Smarty and MySQL-based system for running, organising, and maintaining competitions. It is particularly designed for use within the computer music "scene".
 Visit: http://www.inj3ct-it.org

[*]----------------------------------------------------------

barryvancompo-0.3 present a variable "pageURL" not definited in this file 

main.php
(and all files require it)

we can exploit it by the variable "pageURL", for example

http://www.example.com/main.php?pageURL=[Evil_Code]


[*]----------------------------------------------------------

# milw0rm.com [2008-02-28]

Navigation

Suggest Exploit

Services By CQR