header-logo
Suggest Exploit
vendor:
Cuteflow Bin
by:
KnocKout
7.5
CVSS
HIGH
Local File Inclusion
98
CWE
Product Name: Cuteflow Bin
Affected Version From: 1.5.2000
Affected Version To: 1.5.2000
Patch Exists: NO
Related CWE: N/A
CPE: a:ringsworld:cuteflow_bin:1.5.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Cuteflow Bin v1.5.0 Local File Inclusion Vulnerability

A vulnerability in Cuteflow Bin v1.5.0 allows an attacker to include a local file via the 'language' parameter in the 'login.php' script.

Mitigation:

Input validation should be used to prevent the inclusion of local files.
Source

Exploit-DB raw data:

###########################################
Cuteflow Bin v1.5.0 Local File Inclusion Vulnerability
##############################################
[+] Author : KnocKout
[+] Cyber-Warrior.org / Bug Researchers Group
[~] Special Thanks : CW ALL USERS / Mr.Freeman
==============================================
Script : Cuteflow Bin v1.5.0
Download : http://scripts.ringsworld.com/groupware-tools/cuteflow-bin-v150/
###############################################
Exploit : http://localsite/path/login.php?language=[LocalFile]
#################################################
Siyasi tercihimiz ne olursa olsun Türkiye'nin geleceğini karartmak isteyenlere dur diyoruz.
www.kapatmayahayir.com
#################################################

# milw0rm.com [2008-03-22]