Bugtraq: Re: TGS CMS Remote Code Execution Exploit

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: TGS CMS Remote Code Execution Exploit

From: lcat <lcat () email dp ua>
Date: Mon, 11 Aug 2008 12:58:44 -0700

Hello BugtraQ, I tried to reproduce this advisory.
And found out that its impossible.
When you create a index.php file, executing admin.template_engine.php,
This index.php contains 
   require_once("lib/template.class.php");
but this is wrong file path and executing index.php stop with error 
Warning: require_once(./lib/template.class.php) 
Fatal error: require_once().
Goood Luck.

By Date By Thread

Current thread:

TGS CMS Remote Code Execution Exploit 0in . email (Aug 04)
- Re: TGS CMS Remote Code Execution Exploit lcat (Aug 12)