Remote File Include in syntaxCMS
Vulnerable File:
0004_init_urls.php
Vulnerable Code:
1 <?php
2 include_once( $init_path . '/init.urls.php' );
3 ?>
PoC:
Solution:
Remove This Fileβ¦it's not neededβ¦just used for tests
Found by MoHaJaLi
Greetz to Eddy_BAck0o
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/