arfis

automated Remote File Inclusion search

RFI (0.2): smartSite CMS September 14, 2007

Filed under: RFI — arfis @ 4:23 am

Project Name: smartSite CMS
Project Link: http://sourceforge.net/projects/smartsite/
Project DL: http://surfnet.dl.sourceforge.net/sourceforge/smartsite/smartsitecms_10.zip
RFI Info:
File: tmp/smartsitecms_10/smartsite1.0_distro/admin/index.php
Line: 40
Vuln Code: require($root . “include/inc_adminheader.php”);

File: tmp/smartsitecms_10/smartsite1.0_distro/admin/include/inc_adminfoot.php
Line: 20
Vuln Code: require($root . “include/inc_footer.php”);

File: tmp/smartsitecms_10/smartsite1.0_distro/admin/test.php
Line: 18
Vuln Code: require($root . “../include/inc_adminheader.php”);

File: tmp/smartsitecms_10/smartsite1.0_distro/include/inc_foot.php
Line: 23
Vuln Code: require($root . “include/inc_navigation.php”);

(found with version 0.2 – 3108 projects processed so far)