header-logo
Suggest Exploit
vendor:
eNetman - The Enchanced Network Manager
by:
JaheeM
7.5
CVSS
HIGH
Remote File Inclusion
Unknown
CWE
Product Name: eNetman - The Enchanced Network Manager
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested: Unknown
2007

eNetman – The Enchanced Network Manager Remote File Inclusion

This exploit allows an attacker to include remote files in the eNetman - The Enchanced Network Manager application. The vulnerability is caused by the improper input validation in the 'index.php' file. By manipulating the 'page' parameter, an attacker can include arbitrary remote files, which can lead to remote code execution.

Mitigation:

The vendor should release a patch that addresses the input validation issue and prevents remote file inclusion attacks. In the meantime, users are advised to restrict access to the affected application and apply appropriate network security measures to mitigate the risk.
Source

Exploit-DB raw data:

Title           : eNetman - The Enchanced Network Manager Remote File Inclusion
URL             : http://freshmeat.net/projects/enetman/
Author          : JaheeM
Exploit         : senetman/html/index.php?page=

Thanks To : #asc,  IRC.ASCNET.BIZ

# milw0rm.com [2007-09-03]

Navigation

Suggest Exploit

Services By CQR