by r0t,der4444,cembo,VietMafia

Wednesday, May 24, 2006

eSyndicat Directory Software - Local File Inclusion

============================
discovered by : VietMafia
developer's site: www.esyndicat.com
script: eSyndicat Directory Software 1.2
risk: moderate
status: unpatched
============================

This script has a vulnerability which can be exploited by malicious people to disclose sensitive information and potentially compromise a vulnerable system.

Input passed to the "path_to_config" parameter in admin/cron.php isn't properly verified before it is used to include files. This can be exploited to include arbitrary files from local resources.

example:

http://host/path/admin/cron.php?path_to_config=file%00

Successful exploitation requires that "register_globals" is enabled and that "magic_quotes_gpc" is disabled.
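As an added example (not code from the advisory, nor from eSyndicat itself), the script below shows the two things a defender wants from this report: a log-side check that flags requests which hand an include-controlling parameter to admin/cron.php, with a null byte or traversal sequence in the value, and the mitigation that removes the class of bug, which is mapping a client-supplied key to a fixed path instead of using the string as a path. The parameter name "path_to_config" comes from the advisory; the access-log lines and the allowed config directories are constructed for the example.

```python
"""Detection of include-parameter abuse in access logs, plus a whitelist resolver."""
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample access-log lines (Common Log Format); not taken from the advisory.
SAMPLE_LOG = """\
10.0.0.5 - - [24/May/2006:11:40:01 +0000] "GET /path/admin/cron.php HTTP/1.0" 200 512
10.0.0.9 - - [24/May/2006:11:41:13 +0000] "GET /path/admin/cron.php?path_to_config=file%00 HTTP/1.0" 200 2048
10.0.0.9 - - [24/May/2006:11:41:20 +0000] "GET /path/admin/cron.php?path_to_config=../../../some/local/file%00 HTTP/1.0" 200 2048
10.0.0.7 - - [24/May/2006:11:42:00 +0000] "GET /path/index.php?page=home HTTP/1.0" 200 1024
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)$'
)

# Parameter names the advisory reports as feeding include(); a legitimate client never sends these.
INCLUDE_PARAMS = {"path_to_config"}


def suspicious_reasons(value):
    """Return the list of reasons a decoded parameter value looks like an include-injection attempt."""
    reasons = []
    if "\x00" in value:                      # %00 truncation of the appended file name
        reasons.append("null byte")
    segments = value.replace("\\", "/").split("/")
    if ".." in segments:                     # ../ climbing out of the intended directory
        reasons.append("directory traversal")
    if value.startswith("/") or re.match(r"^[a-z][a-z0-9+.-]*://", value, re.I):
        reasons.append("absolute or remote path")
    return reasons


def scan_log(text, include_params=INCLUDE_PARAMS):
    """Parse CLF lines and report query parameters that are include-controlling or carry a hostile value."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        # parse_qs percent-decodes, so "%00" becomes "\x00" before inspection
        for name, values in parse_qs(url.query, keep_blank_values=True).items():
            for value in values:
                reasons = suspicious_reasons(value)
                if name in include_params:
                    reasons.insert(0, "client-supplied include parameter")
                if reasons:
                    findings.append({
                        "ip": m.group("ip"),
                        "script": url.path,
                        "param": name,
                        "reasons": reasons,
                    })
    return findings


# Hypothetical allowed configuration directories for the whitelist mitigation (constructed values).
ALLOWED_CONFIG_DIRS = {
    "default": "/var/www/app/config",
    "staging": "/var/www/app/config-staging",
}


def resolve_config_dir(requested, allowed=ALLOWED_CONFIG_DIRS):
    """Map an untrusted key to a fixed server-side path; unknown keys yield None and nothing is included."""
    return allowed.get(requested)


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```

The resolver is the point of the second half: with register_globals on, any variable name can be set from the query string, so the fix is not to sanitise "path_to_config" but to never build an include path from request data at all, and to treat its appearance in a request as a signal worth alerting on.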

1 Comment:

Anonymous Simon Gooffin told...

this issue has been fixed long ago

11:40 AM

Copyright (c) 2006 Pridels Sec Crew