header-logo
Suggest Exploit
vendor:
TBDev
by:
Unknown
7.5
CVSS
HIGH
Input-Validation
Unknown
CWE
Product Name: TBDev
Affected Version From: TBDev 2.0
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

TBDev Multiple Input-Validation Vulnerabilities

TBDev is prone to multiple input-validation vulnerabilities, including a remote file-include issue and an SQL-injection issue. A successful exploit may allow an attacker to execute malicious code within the context of the webserver process, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Mitigation:

Unknown
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/43004/info

TBDev is prone to multiple input-validation vulnerabilities, including a remote file-include issue and an SQL-injection issue.

A successful exploit may allow an attacker to execute malicious code within the context of the webserver process, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

TBDev 2.0 is vulnerable; other versions may also be affected. 

http://www.example.com/admincp.php?rootpath=(rfi)