header-logo
Suggest Exploit
vendor:
Newbie CMS
by:
JIKO (JAWAD)
9,3
CVSS
HIGH
Remote File Inclusion
98
CWE
Product Name: Newbie CMS
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

Newbie CMS Remote File Inclusion Vulnerability

Newbie CMS is prone to a remote file inclusion vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to include arbitrary files from remote locations and execute arbitrary code in the context of the webserver process. Successful exploitation of this vulnerability may result in a compromise of the application and the underlying system; other attacks are also possible.

Mitigation:

The best way to mitigate this vulnerability is to ensure that user-supplied input is properly sanitized and validated before being used in the application. Additionally, the application should be configured to use the least-privileged user account.
Source

Exploit-DB raw data:

  |=-----------------------------------------------------=|
  |=-------------=[  JIKO |No-exploit.Com|  ]=-----------=|
  |=-----------------------------------------------------=|
[~]-----------|00|
NAme    :JIKO (JAWAD)
Home    :No-exploit.Com
Mail    : !x!
[~]-----------|01|
    -{Script}
    name :Newbie CMS
    link :http://newbie-cms.com/

[~]-----------|02|
    -{3xpl01t}
    http://no-exploit.com/free_download.php?file={FILE}
[~]-----------|03|
    -{Greetz}
    Cyber-Zone,HxH,Hussin X,ZaIdOoHxHaCkEr ,Stack,HiSoKa,The SadHacker,SkuLL-HacKeR ,Dr.NaNo
    |No-Exploit.com Members
-------------------------------------

Navigation

Suggest Exploit

Services By CQR