Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Generic)  >   artmedic kleinanzeigen Vendors:   artmedic webdesign
artmedic kleinanzeigen Include File Error Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1010740
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jul 19 2004
Impact:   Execution of arbitrary code via network, User access via network
Exploit Included:  Yes  

Description:   An include file vulnerability was reported in artmedic kleinanzeigen. A remote user can execute arbitrary code on the target system.

Dominus_Vis from Infektion Group reported that a remote user can supply a specially crafted HTTP request to cause arbitrary PHP code at a remote site to be included by and executed on the target server.

A demonstration exploit URL is provided:


Impact:   A remote user can execute arbitrary PHP code, including operating system commands on the target system. The code will run with the privileges of the target web service.
Solution:   No solution was available at the time of this entry.
Vendor URL: (Links to External Site)
Cause:   Input validation error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.

 Source Message Contents

Subject:  Artmedic kleinanzeigen include vulnerability

Artmedic kleinanzeigen allow code inclusion in index.php. 
An evil attacker could be use this vulnerability to execute 
php code with the same user id of the running server. 
Thanks and sorry for the bad english 
Dominus_Vis from Infektion Group :> -j #infektion 


Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, LLC