Vendor: openEngine
By: dun
CVSS: 7.5 (HIGH)
Type: Remote File Inclusion
CWE: 98
Product Name: openEngine
Affected Version From: 2.0 beta4
Affected Version To: 2.0 beta4
Patch Exists: Yes
Related CWE: N/A
CPE: a:openengine:openengine
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
openEngine <= 2.0 beta4 Remote File Inclusion Vulnerability
openEngine, an open source web content management system, is vulnerable to Remote File Inclusion in version 2.0 beta4. The vulnerability allows an attacker to include a remote file, usually through a malicious URL, and have it executed on the vulnerable server. The vulnerable code is in the openengine.php file in the openEngine20 directory: a require() call that is used to include the mysql.php file from the openengine/database directory. An attacker can exploit the vulnerability by sending a malicious URL to the vulnerable server, which then includes and executes the malicious file.
Mitigation:
The vendor has released a patch to address this vulnerability. Users should upgrade to the latest version of openEngine.
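
An added example, not part of the original advisory or of openEngine's code: a web-server log check that flags requests to openengine.php carrying a URL as a parameter value, which is the request shape the description above implies. The combined log format, the parameter name `some_path` and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Script named in the advisory; matched by file name so any install path works.
TARGET_SCRIPT = "openengine.php"
# URL schemes that make an include path point at a remote host.
REMOTE_SCHEMES = ("http://", "https://", "ftp://", "ftps://")
# Request part of a combined-log-format line: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')


def full_decode(value, rounds=3):
    """Undo nested percent-encoding so values are compared in plain form."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_params(log_line):
    """Return [(param, decoded_value)] for remote-looking values sent to the script."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return []
    target = urlsplit(match.group(1))
    if not target.path.lower().endswith("/" + TARGET_SCRIPT):
        return []
    hits = []
    for name, value in parse_qsl(target.query, keep_blank_values=True):
        value = full_decode(value).strip().lower()
        if value.startswith(REMOTE_SCHEMES):
            hits.append((name, value))
    return hits


# Constructed sample lines; "some_path" is a placeholder parameter name.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2008:10:00:00 +0000] "GET /openEngine20/openengine.php?some_path=http%3A%2F%2Fhost.example%2Fx.txt HTTP/1.1" 200 512',
    '203.0.113.7 - - [01/Jan/2008:10:00:05 +0000] "GET /openEngine20/openengine.php?some_path=hTtP%253A%252F%252Fhost.example%252Fx HTTP/1.1" 200 512',
    '198.51.100.4 - - [01/Jan/2008:10:01:00 +0000] "GET /openEngine20/openengine.php?page=home HTTP/1.1" 200 2048',
    '198.51.100.4 - - [01/Jan/2008:10:02:00 +0000] "GET /index.php?ref=http://host.example/ HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        for name, value in suspicious_params(line):
            print(f"remote include attempt: {name}={value}")
```

A hit shows that a request was made, not that the include succeeded; outbound connections from the web server to the logged host are the corroborating evidence to look for.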