2 matches found
Quicksilver Forums <= 1.4.2 RCE Exploit (windows only)
No description provided by source. Author: GiReX Homepage: girex.altervista.org Date: 24/11/2008 CMS: Quicksilver Forums = 1.4.2 Site: http://www.quicksilverforums.com/ Bug: Local File Inclusion Exploit: Remote Command Execution Note: Works with windows servers only Works regardless php.ini...
Quicksilver Forums 1.4.2 (Windows) - Remote Code Execution
Author: GiReX Homepage: girex.altervista.org Date: 24/11/2008 CMS: Quicksilver Forums get'lang' $lang = $this-get'lang'; if strstr$lang, '/' || !fileexists$path . 'languages/' . $lang . '.php' $lang = 'en'; include $path . 'languages/' . $lang . '.php'; As you can see, Quicksilver filter can be...